f3981256c708937302d093e877ad779d612e770bbfb1fc0384928628c6556586

Sharing

Copy URL

Twitter E-mail

General

Target

f3981256c708937302d093e877ad779d612e770bbfb1fc0384928628c6556586
Size

197KB
MD5

6b59424df39089ea4bd304dcb58ed280
SHA1

74a2da663927914906abab57c33acc73880c15e2
SHA256

f3981256c708937302d093e877ad779d612e770bbfb1fc0384928628c6556586
SHA512

d08bed86e1bfd225da1086d1a11dc96c43d3318f530e4d4cb22f42870080abce26ffbad2a87f7bf31bf234e8d2395a6ce6405a0f6cf01f186bc84547cfaa725b
SSDEEP

3072:gYuzcf/Xj9GaWyQvGk6ZdTb0zVjO6KhfSpsKsnUxouOTJrGD8qgLGFPJmcz:SzmxGzlvGHLTb0zVtK9P3qoID8TGFV

Score

N/A

Malware Config

Signatures

Files

f3981256c708937302d093e877ad779d612e770bbfb1fc0384928628c6556586
.exe windows x86

98b81a981b1a9e32a323014dadf7503e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetModuleHandleA
GetSystemWindowsDirectoryW
lstrcmpiW
GetACP
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryW
SetLastError
CloseHandle
GetCPInfo
CreateFileW
FileTimeToSystemTime
GetDateFormatW
lstrcpyW
IsValidCodePage
FileTimeToLocalFileTime
GlobalAlloc
GetLastError
GetCurrentProcess
WideCharToMultiByte
RemoveDirectoryA
InterlockedDecrement
MultiByteToWideChar
OutputDebugStringA
LocalReAlloc
GetProcAddress
GetModuleFileNameW
GlobalUnlock
SetUnhandledExceptionFilter
GetStartupInfoA
QueryPerformanceCounter
lstrlenW
FormatMessageW
GetEnvironmentStringsA
OutputDebugStringW
GetTickCount
GetSystemTimeAsFileTime
GlobalLock
GlobalFree
InterlockedIncrement
GetComputerNameW
IsBadReadPtr

msvcrt

_except_handler3
wcsstr
?terminate@@YAXXZ
free
malloc
??3@YAXPAX@Z
wcsrchr
_onexit
mbstowcs
memmove
wcscat
wcslen
__dllonexit
??2@YAPAXI@Z
_wcsicmp
wcscmp
wcstoul
__RTDynamicCast
wcscpy
_wcsupr
wcschr
vswprintf
_adjust_fdiv
_purecall
_initterm
??1type_info@@UAE@XZ

certcli

CAGetCertTypeFlags
CAFindByName
CAGetCertTypeKeySpec
CASetCertTypeFlags
CARemoveCACertificateType
CAGetCertTypeExtensions
CAEnumCertTypesForCA
CASetCertTypeExtension
CACertTypeGetSecurity
CAFreeCertTypeExtensions
CAFreeCertTypeProperty
CASetCertTypeKeySpec
CACreateCertType
CAGetCertTypeProperty
CAGetCertTypePropertyEx
CACertTypeSetSecurity
CACloseCA
CAEnumNextCertType
CAAddCACertificateType
CAUpdateCertType
CAUpdateCA
CAGetCAProperty
CAFindCertTypeByName
CAFreeCAProperty
CACloseCertType
CAEnumCertTypes
CASetCertTypeProperty

user32

SetFocus
MessageBoxW
SetDlgItemTextW
LoadCursorW
LoadStringW
SystemParametersInfoW
WinHelpW
LoadIconW
InsertMenuItemW
DialogBoxParamW
RegisterClipboardFormatW
SendMessageW
EnableWindow
LoadBitmapW
PostMessageW
SetWindowTextW
GetDlgItemTextA
EndDialog
LoadImageW
GetWindowLongW
ReleaseDC
wsprintfW
SetCursor
GetDlgItem
SetWindowLongW
GetDC
GetParent
SendDlgItemMessageW

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW

gdi32

CreateFontIndirectW
DeleteObject
GetDeviceCaps

shell32

ShellExecuteExW
ShellExecuteW

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98b81a981b1a9e32a323014dadf7503e

Headers

File Characteristics

Imports

kernel32

msvcrt

certcli

user32

comctl32

advapi32

gdi32

shell32

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 123KB - Virtual size: 2.3MB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 123KB - Virtual size: 2.3MB

.rsrc
Size: 3KB - Virtual size: 2KB