c8b63a1e16ae740bc4582d9791938a5eba09580273f30fc495018edc9d3ef793

Sharing

Copy URL Twitter E-mail

General

Target

c8b63a1e16ae740bc4582d9791938a5eba09580273f30fc495018edc9d3ef793
Size

198KB
MD5

0faa4e5e65cc1a8c24dec1dcb16dea10
SHA1

39878e2a6ea863339f0f29b28fac4eb6e3c979de
SHA256

c8b63a1e16ae740bc4582d9791938a5eba09580273f30fc495018edc9d3ef793
SHA512

74a4858539bd43fb903b0e8fe30acd4501efe8822000f1b219351bde100253ff7b1441320c293728cbf251050665081e2035432e482cc9c19661ef6060db6ac0
SSDEEP

6144:zops+8+Q8PpB4tpOzQRnzy8ee0UPKxNkmj:zSs+TPo9nWBe0UPK7

Score

N/A

Malware Config

Signatures

Files

c8b63a1e16ae740bc4582d9791938a5eba09580273f30fc495018edc9d3ef793
.exe windows x86

2f71cec56ca9eda2a3f0c49bf6442950

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
InitializeCriticalSection
OutputDebugStringW
lstrcpyW
GlobalUnlock
GlobalLock
DeleteFileA
InterlockedIncrement
IsBadReadPtr
GlobalAlloc
IsValidCodePage
lstrcmpiW
InterlockedDecrement
GetSystemTimeAsFileTime
GetEnvironmentStringsA
DeleteCriticalSection
GetDateFormatW
WideCharToMultiByte
GetStartupInfoA
LoadLibraryW
FileTimeToSystemTime
GetLastError
FileTimeToLocalFileTime
MultiByteToWideChar
GetComputerNameW
OutputDebugStringA
GetProcAddress
GetSystemWindowsDirectoryW
SetUnhandledExceptionFilter
GlobalFree
QueryPerformanceCounter
CreateFileW
GetModuleFileNameW
LocalReAlloc
GetCPInfo
FormatMessageW
lstrlenW
GetModuleHandleA
LocalFree
CloseHandle
GetCurrentProcess
SetLastError

msvcrt

wcsrchr
mbstowcs
wcscmp
_purecall
free
_wcsupr
_wcsicmp
??2@YAPAXI@Z
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
wcstoul
_onexit
_except_handler3
malloc
__RTDynamicCast
memmove
wcschr
__dllonexit
_adjust_fdiv
wcscat
wcsstr
vswprintf
wcscpy
??3@YAXPAX@Z
wcslen

certcli

CAGetCertTypeExtensions
CAUpdateCertType
CASetCertTypeProperty
CAEnumCertTypes
CASetCertTypeKeySpec
CAFindCertTypeByName
CASetCertTypeExtension
CAUpdateCA
CAGetCertTypeKeySpec
CAFreeCertTypeExtensions
CAFindByName
CAEnumCertTypesForCA
CACertTypeSetSecurity
CAGetCertTypePropertyEx
CACreateCertType
CACloseCA
CARemoveCACertificateType
CAGetCertTypeFlags
CAFreeCertTypeProperty
CACloseCertType
CAEnumNextCertType
CAGetCertTypeProperty
CAGetCAProperty
CAFreeCAProperty
CASetCertTypeFlags
CACertTypeGetSecurity
CAAddCACertificateType

comctl32

PropertySheetW
CreatePropertySheetPageW

user32

GetDC
wsprintfW
ReleaseDC
SetDlgItemTextW
LoadIconW
LoadCursorW
MessageBoxW
InsertMenuItemW
EndDialog
WinHelpW
LoadBitmapW
DialogBoxParamW
GetParent
GetDlgItem
RegisterClipboardFormatW
SetWindowTextW
SetCursor
GetDlgItemTextA
SystemParametersInfoW
LoadImageW
SetFocus
SendDlgItemMessageW
GetWindowLongW
PostMessageW
LoadStringW
SetWindowLongW
SendMessageW
EnableWindow

gdi32

DeleteObject
CreateFontIndirectW
GetDeviceCaps

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW

ole32

CoTaskMemFree
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
CoCreateInstanceEx
GetHGlobalFromStream
CoSetProxyBlanket
StringFromGUID2
CreateStreamOnHGlobal

shell32

ShellExecuteW
ShellExecuteExW

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 78KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f71cec56ca9eda2a3f0c49bf6442950

Headers

File Characteristics

Imports

kernel32

msvcrt

certcli

comctl32

user32

gdi32

advapi32

ole32

shell32

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 45KB - Virtual size: 45KB

.hdata Size: 78KB - Virtual size: 3.2MB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 45KB - Virtual size: 45KB

.hdata
Size: 78KB - Virtual size: 3.2MB

.rsrc
Size: 3KB - Virtual size: 2KB