bc29176573b063cb9d17473810c82abc6b1f456bf526e354e49dba75deedc6ff

Sharing

Copy URL Twitter E-mail

General

Target

bc29176573b063cb9d17473810c82abc6b1f456bf526e354e49dba75deedc6ff
Size

198KB
MD5

42158919332f54ae3db3c206a7b9dbc0
SHA1

f45a7dd3f87189f95ec0dc62e288559992fd7eee
SHA256

bc29176573b063cb9d17473810c82abc6b1f456bf526e354e49dba75deedc6ff
SHA512

2aecd9affa5799510cf527340c4a1f869b26cce0ce71da7c7ab97faf961c24ac5880bee8342546804fab7ff8dd7c79b4b1dfe3b82e071a1a6e0f1fe640eede3f
SSDEEP

3072:g0l8F965JcIytv3XdKNr7ZLjwAYtb8rJ6ekUmLlhdKWSskbzEhrQYNjQz/9X9:g0lEoJcIYP6twAYtbLzJEbzElzNj+X9

Score

N/A

Malware Config

Signatures

Files

bc29176573b063cb9d17473810c82abc6b1f456bf526e354e49dba75deedc6ff
.exe windows x86

6979a54e9370e33c87f46e5a90a98ca6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetModuleFileNameW
InterlockedIncrement
SetUnhandledExceptionFilter
InterlockedDecrement
LocalFree
FileTimeToSystemTime
GetEnvironmentStringsA
lstrcmpiW
DeleteCriticalSection
GetDateFormatW
GetCPInfo
FormatMessageW
IsBadReadPtr
CreateFileW
GetLastError
GetSystemTimeAsFileTime
LocalAlloc
OutputDebugStringA
lstrlenW
GetModuleHandleA
GetStartupInfoA
LocalReAlloc
lstrcpyW
GetLocaleInfoW
WideCharToMultiByte
LoadLibraryW
GetSystemWindowsDirectoryW
SetLastError
OutputDebugStringW
GlobalFree
GetCurrentProcess
FileTimeToLocalFileTime
GlobalAlloc
QueryPerformanceCounter
GetComputerNameW
GlobalUnlock
MultiByteToWideChar
IsValidCodePage
GetProcAddress
WriteFile
GetSystemDefaultLCID
InitializeCriticalSection
CloseHandle
GlobalLock

certcli

CACertTypeSetSecurity
CAGetCAProperty
CAEnumNextCertType
CACreateCertType
CAAddCACertificateType
CARemoveCACertificateType
CACloseCA
CAEnumCertTypesForCA
CACertTypeGetSecurity
CASetCertTypeFlags
CASetCertTypeProperty
CAGetCertTypePropertyEx
CAFreeCertTypeProperty
CAFreeCertTypeExtensions
CASetCertTypeExtension
CAGetCertTypeExtensions
CAEnumCertTypes
CAFindByName
CACloseCertType
CAUpdateCertType
CAGetCertTypeFlags
CAUpdateCA
CAFindCertTypeByName
CAGetCertTypeProperty
CAGetCertTypeKeySpec
CASetCertTypeKeySpec
CAFreeCAProperty

gdi32

GetDeviceCaps
DeleteObject
CreateFontIndirectW

msvcrt

wcscat
_wcsupr
memmove
wcslen
_adjust_fdiv
??3@YAXPAX@Z
?terminate@@YAXXZ
wcsrchr
free
vswprintf
??2@YAPAXI@Z
malloc
__dllonexit
wcscmp
mbstowcs
_initterm
_wcsicmp
wcstoul
wcscpy
wcsstr
wcschr
_except_handler3
_purecall
_onexit
??1type_info@@UAE@XZ
__RTDynamicCast

shell32

ShellExecuteExW
ShellExecuteW

cryptui

CryptUIDlgSelectCertificateW
CryptUIDlgViewCRLW
CryptUIDlgViewCertificateW
CryptUIWizExport

crypt32

CertGetCertificateContextProperty
CertCloseStore
CryptDecodeObject
CertGetEnhancedKeyUsage
CertDeleteCertificateFromStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertFreeCRLContext
CryptEncodeObject
CertGetNameStringW
CertAddCertificateContextToStore
CryptEnumOIDInfo
CertControlStore
CryptQueryObject
CertSaveStore
CertOpenStore
CertFindCRLInStore
CryptFindOIDInfo
CertFreeCertificateContext
CertDuplicateStore
CertEnumSystemStore

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW

user32

WinHelpW
LoadStringW
LoadIconW
SetDlgItemTextW
LoadBitmapW
SetCursor
GetDlgItemTextA
GetDlgItem
GetWindowLongW
InsertMenuItemW
RegisterClipboardFormatW
EnableWindow
MessageBoxW
wsprintfW
SendMessageW
GetParent
SetFocus
DialogBoxParamW
PostMessageW
ReleaseDC
LoadCursorW
SendDlgItemMessageW
GetDC
SystemParametersInfoW
EndDialog
LoadImageW
SetWindowLongW
SetWindowTextW

ole32

ReleaseStgMedium
StringFromGUID2
CreateStreamOnHGlobal
CoCreateInstanceEx
CoTaskMemAlloc
CoSetProxyBlanket
StringFromCLSID
CoTaskMemFree
GetHGlobalFromStream

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 86KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6979a54e9370e33c87f46e5a90a98ca6

Headers

File Characteristics

Imports

kernel32

certcli

gdi32

msvcrt

shell32

cryptui

crypt32

advapi32

user32

ole32

comctl32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 38KB - Virtual size: 38KB

.mdata Size: 86KB - Virtual size: 2.2MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 38KB - Virtual size: 38KB

.mdata
Size: 86KB - Virtual size: 2.2MB

.rsrc
Size: 4KB - Virtual size: 3KB