d4ccf945ef9aa2c06aba6f2469e6d4dd51a9f9ecb924c72e37ed76de4a89bab0

Sharing

Copy URL Twitter E-mail

General

Target

d4ccf945ef9aa2c06aba6f2469e6d4dd51a9f9ecb924c72e37ed76de4a89bab0
Size

198KB
MD5

0e4e28a4f7cdef53269dcca314966cc0
SHA1

d34e930d198e2ceacaac275f49cda8dab14f1731
SHA256

d4ccf945ef9aa2c06aba6f2469e6d4dd51a9f9ecb924c72e37ed76de4a89bab0
SHA512

fc8c6af39b1d9d52169e228625e1ad4e7b87e82ffc4c7feac7a094bdc4c4c6994668f0063985c21b1a84bd983ee389a16d19522d675ab6cc7f4c21f0718552d1
SSDEEP

6144:lq7064fQujhJyEE/NmJ057+fGZWYCNujk:GhwheL/W0g

Score

N/A

Malware Config

Signatures

Files

d4ccf945ef9aa2c06aba6f2469e6d4dd51a9f9ecb924c72e37ed76de4a89bab0
.exe windows x86

0c933645a0c9751241864e3cb98c53c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

WinHelpW
GetDlgItemTextA
SendMessageW
InsertMenuItemW
LoadBitmapW
DialogBoxParamW
EnableWindow
GetDlgItem
EndDialog
GetParent
LoadStringW
SetFocus
RegisterClipboardFormatW
LoadImageW
ReleaseDC
LoadIconW
MessageBoxW
SendDlgItemMessageW
PostMessageW
GetWindowLongW
SystemParametersInfoW
LoadCursorW
wsprintfW
GetDC
SetDlgItemTextW
SetCursor
SetWindowTextW
SetWindowLongW

kernel32

GlobalAlloc
FileTimeToSystemTime
InterlockedDecrement
lstrlenW
CloseHandle
LocalAlloc
FormatMessageW
DeleteFileA
SetUnhandledExceptionFilter
GetComputerNameW
GetCPInfo
GlobalFree
WideCharToMultiByte
MultiByteToWideChar
GetSystemWindowsDirectoryW
InitializeCriticalSection
InterlockedIncrement
GetStartupInfoA
LocalFree
GlobalUnlock
CreateFileW
GlobalLock
lstrcmpiW
LocalReAlloc
GetModuleFileNameW
IsValidCodePage
lstrcpyW
GetProcAddress
GetLastError
GetLocaleInfoW
SetLastError
QueryPerformanceCounter
DeleteCriticalSection
OutputDebugStringA
GetModuleHandleA
IsBadReadPtr
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
LoadLibraryW
GetDateFormatW
OutputDebugStringW
GetCurrentProcess
GetEnvironmentStringsA

crypt32

CryptEnumOIDInfo
CertOpenStore
CertSaveStore
CertFreeCertificateContext
CryptEncodeObject
CryptQueryObject
CertCloseStore
CertAddCertificateContextToStore
CertGetCertificateContextProperty
CertFreeCRLContext
CertControlStore
CryptDecodeObject
CertDuplicateStore
CertGetEnhancedKeyUsage
CertGetNameStringW
CertEnumSystemStore
CertDeleteCertificateFromStore
CertFindCRLInStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CryptFindOIDInfo

ole32

GetHGlobalFromStream
ReleaseStgMedium
CoSetProxyBlanket
CoTaskMemFree
CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateInstanceEx
StringFromCLSID
StringFromGUID2

certcli

CAFindCertTypeByName
CAGetCertTypeFlags
CAEnumNextCertType
CAAddCACertificateType
CAGetCertTypePropertyEx
CAFreeCertTypeExtensions
CAFreeCAProperty
CAFindByName
CASetCertTypeKeySpec
CAUpdateCA
CASetCertTypeExtension
CACertTypeGetSecurity
CAGetCertTypeProperty
CACreateCertType
CAGetCertTypeKeySpec
CACertTypeSetSecurity
CAFreeCertTypeProperty
CAGetCertTypeExtensions
CASetCertTypeFlags
CAEnumCertTypesForCA
CACloseCertType
CAGetCAProperty
CARemoveCACertificateType
CAUpdateCertType
CAEnumCertTypes
CASetCertTypeProperty
CACloseCA

shell32

ShellExecuteW
ShellExecuteExW

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

msvcrt

_wcsicmp
wcscmp
__RTDynamicCast
malloc
wcstoul
mbstowcs
_purecall
__dllonexit
wcsrchr
??2@YAPAXI@Z
?terminate@@YAXXZ
wcschr
wcscpy
vswprintf
wcscat
_initterm
_except_handler3
_wcsupr
??1type_info@@UAE@XZ
wcslen
memmove
wcsstr
free
_adjust_fdiv
??3@YAXPAX@Z
_onexit

cryptui

CryptUIWizExport
CryptUIDlgViewCertificateW
CryptUIDlgSelectCertificateW
CryptUIDlgViewCRLW

advapi32

RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 85KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c933645a0c9751241864e3cb98c53c9

Headers

File Characteristics

Imports

user32

kernel32

crypt32

ole32

certcli

shell32

gdi32

msvcrt

cryptui

advapi32

comctl32

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 39KB - Virtual size: 39KB

.mdata Size: 85KB - Virtual size: 2.2MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 39KB - Virtual size: 39KB

.mdata
Size: 85KB - Virtual size: 2.2MB

.rsrc
Size: 4KB - Virtual size: 3KB