8c5bf4d0dc15be738eb4d3c3a5c823085389387e09c58c34a04938d4bdf36a38

Sharing

Copy URL Twitter E-mail

General

Target

8c5bf4d0dc15be738eb4d3c3a5c823085389387e09c58c34a04938d4bdf36a38
Size

198KB
MD5

609f90062edd99470fde84502a569a50
SHA1

fce19cedcf1f3365814111e532dfdeb36f259561
SHA256

8c5bf4d0dc15be738eb4d3c3a5c823085389387e09c58c34a04938d4bdf36a38
SHA512

00cfd80a09168530bf78fef3e91214e92e89623e1aeec7a45cd49f55ad40a99aa545e9fcd1f970a6e311abf6565842a26ab826a004430569aab41b7b07a44828
SSDEEP

6144:lq7064fQujhJyEE/NmJ057+fGZWYCNujV:GhwheL/W0h

Score

N/A

Malware Config

Signatures

Files

8c5bf4d0dc15be738eb4d3c3a5c823085389387e09c58c34a04938d4bdf36a38
.exe windows x86

0c933645a0c9751241864e3cb98c53c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

WinHelpW
GetDlgItemTextA
SendMessageW
InsertMenuItemW
LoadBitmapW
DialogBoxParamW
EnableWindow
GetDlgItem
EndDialog
GetParent
LoadStringW
SetFocus
RegisterClipboardFormatW
LoadImageW
ReleaseDC
LoadIconW
MessageBoxW
SendDlgItemMessageW
PostMessageW
GetWindowLongW
SystemParametersInfoW
LoadCursorW
wsprintfW
GetDC
SetDlgItemTextW
SetCursor
SetWindowTextW
SetWindowLongW

kernel32

GlobalAlloc
FileTimeToSystemTime
InterlockedDecrement
lstrlenW
CloseHandle
LocalAlloc
FormatMessageW
DeleteFileA
SetUnhandledExceptionFilter
GetComputerNameW
GetCPInfo
GlobalFree
WideCharToMultiByte
MultiByteToWideChar
GetSystemWindowsDirectoryW
InitializeCriticalSection
InterlockedIncrement
GetStartupInfoA
LocalFree
GlobalUnlock
CreateFileW
GlobalLock
lstrcmpiW
LocalReAlloc
GetModuleFileNameW
IsValidCodePage
lstrcpyW
GetProcAddress
GetLastError
GetLocaleInfoW
SetLastError
QueryPerformanceCounter
DeleteCriticalSection
OutputDebugStringA
GetModuleHandleA
IsBadReadPtr
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
LoadLibraryW
GetDateFormatW
OutputDebugStringW
GetCurrentProcess
GetEnvironmentStringsA

crypt32

CryptEnumOIDInfo
CertOpenStore
CertSaveStore
CertFreeCertificateContext
CryptEncodeObject
CryptQueryObject
CertCloseStore
CertAddCertificateContextToStore
CertGetCertificateContextProperty
CertFreeCRLContext
CertControlStore
CryptDecodeObject
CertDuplicateStore
CertGetEnhancedKeyUsage
CertGetNameStringW
CertEnumSystemStore
CertDeleteCertificateFromStore
CertFindCRLInStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CryptFindOIDInfo

ole32

GetHGlobalFromStream
ReleaseStgMedium
CoSetProxyBlanket
CoTaskMemFree
CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateInstanceEx
StringFromCLSID
StringFromGUID2

certcli

CAFindCertTypeByName
CAGetCertTypeFlags
CAEnumNextCertType
CAAddCACertificateType
CAGetCertTypePropertyEx
CAFreeCertTypeExtensions
CAFreeCAProperty
CAFindByName
CASetCertTypeKeySpec
CAUpdateCA
CASetCertTypeExtension
CACertTypeGetSecurity
CAGetCertTypeProperty
CACreateCertType
CAGetCertTypeKeySpec
CACertTypeSetSecurity
CAFreeCertTypeProperty
CAGetCertTypeExtensions
CASetCertTypeFlags
CAEnumCertTypesForCA
CACloseCertType
CAGetCAProperty
CARemoveCACertificateType
CAUpdateCertType
CAEnumCertTypes
CASetCertTypeProperty
CACloseCA

shell32

ShellExecuteW
ShellExecuteExW

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

msvcrt

_wcsicmp
wcscmp
__RTDynamicCast
malloc
wcstoul
mbstowcs
_purecall
__dllonexit
wcsrchr
??2@YAPAXI@Z
?terminate@@YAXXZ
wcschr
wcscpy
vswprintf
wcscat
_initterm
_except_handler3
_wcsupr
??1type_info@@UAE@XZ
wcslen
memmove
wcsstr
free
_adjust_fdiv
??3@YAXPAX@Z
_onexit

cryptui

CryptUIWizExport
CryptUIDlgViewCertificateW
CryptUIDlgSelectCertificateW
CryptUIDlgViewCRLW

advapi32

RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 85KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c933645a0c9751241864e3cb98c53c9

Headers

File Characteristics

Imports

user32

kernel32

crypt32

ole32

certcli

shell32

gdi32

msvcrt

cryptui

advapi32

comctl32

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 39KB - Virtual size: 39KB

.mdata Size: 85KB - Virtual size: 2.2MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 39KB - Virtual size: 39KB

.mdata
Size: 85KB - Virtual size: 2.2MB

.rsrc
Size: 4KB - Virtual size: 3KB