2b6b1dddd517230fc96bdef5a6c3d40f38782fc6967f14d0418a513343d4912a

Sharing

Copy URL

Twitter E-mail

General

Target

2b6b1dddd517230fc96bdef5a6c3d40f38782fc6967f14d0418a513343d4912a
Size

99KB
MD5

19d9441fc1d272e34d4296b9d3fd5651
SHA1

028f2967f168293fe937c4c17d8ffb9fb5d4e0be
SHA256

2b6b1dddd517230fc96bdef5a6c3d40f38782fc6967f14d0418a513343d4912a
SHA512

a64a6fe1db1db86d5e70b02e653ef747fbcc926b25d3a165edf5150d346d93de8eb515660eceb5adbeebc0ef6d003683d0990bcb592fdd8db8516a05c75508c8
SSDEEP

1536:flsukw+4WClIV/KqjkPqfGT4YsDUkIpCXvj6N4fpJiHQcf2w9jws:flsuNukOGMYsokIpC7NPiH/9ss

Score

N/A

Malware Config

Signatures

Files

2b6b1dddd517230fc96bdef5a6c3d40f38782fc6967f14d0418a513343d4912a
.exe windows x86

4bd35b9faee8d5f0ffcd9d79fb57af72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??3@YAXPAX@Z
?terminate@@YAXXZ
wcsstr
wcslen
mbstowcs
wcsrchr
_initterm
_except_handler3
vswprintf
_wcsupr
free
??2@YAPAXI@Z
_adjust_fdiv
__RTDynamicCast
wcscpy
__dllonexit
_onexit
??1type_info@@UAE@XZ
malloc
wcschr
wcscmp
_purecall
wcscat
wcstoul
_wcsicmp
memmove

certcli

CAGetCertTypeProperty
CAGetCertTypeKeySpec
CASetCertTypeFlags
CAUpdateCertType
CAFindByName
CAGetCAProperty
CACloseCertType
CACertTypeGetSecurity
CAEnumCertTypes
CACertTypeSetSecurity
CAGetCertTypeFlags
CASetCertTypeKeySpec
CAAddCACertificateType
CASetCertTypeProperty
CAFreeCertTypeExtensions
CAEnumNextCertType
CAFreeCAProperty
CAGetCertTypePropertyEx
CAFreeCertTypeProperty
CASetCertTypeExtension
CACloseCA
CACreateCertType
CARemoveCACertificateType
CAFindCertTypeByName
CAGetCertTypeExtensions
CAEnumCertTypesForCA
CAUpdateCA

kernel32

GlobalUnlock
CloseHandle
lstrlenW
lstrcmpiW
InterlockedIncrement
SetUnhandledExceptionFilter
GetModuleHandleA
LoadLibraryW
OutputDebugStringA
GetProcessId
GetStartupInfoA
GlobalFree
SetLastError
GetCurrentProcess
LocalReAlloc
GetSystemTimeAsFileTime
GetModuleFileNameW
GetTickCount
DeleteCriticalSection
GlobalAlloc
lstrcpyW
FileTimeToSystemTime
OutputDebugStringW
GetLastError
IsBadReadPtr
InterlockedDecrement
QueryPerformanceCounter
IsValidCodePage
CreateFileW
GetSystemWindowsDirectoryW
RemoveDirectoryW
LocalFree
FileTimeToLocalFileTime
GetDateFormatW
GetACP
GetComputerNameW
WideCharToMultiByte
FormatMessageW
GetEnvironmentStringsW
InitializeCriticalSection
GlobalLock
GetEnvironmentStringsA

advapi32

RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW

user32

GetWindowLongW
LoadCursorW
MessageBoxW
GetParent
LoadStringW
SendMessageW
SetWindowTextW
GetDlgItemTextA
RegisterClipboardFormatW
SetFocus
LoadBitmapW
LoadIconW
WinHelpW
SendDlgItemMessageW
GetDlgItem
LoadImageW
EnableWindow
wsprintfW
DialogBoxParamW
SetWindowLongW
EndDialog
SetDlgItemTextW
InsertMenuItemW
GetDC
SetCursor
PostMessageW
SystemParametersInfoW
ReleaseDC

comctl32

CreatePropertySheetPageW
PropertySheetW

gdi32

DeleteObject
CreateFontIndirectW
GetDeviceCaps

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bd35b9faee8d5f0ffcd9d79fb57af72

Headers

File Characteristics

Imports

msvcrt

certcli

kernel32

advapi32

user32

comctl32

gdi32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 80KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 80KB

.rsrc
Size: 24KB - Virtual size: 23KB