bbdde3d39a4ab94795578be54e1e499fa50777ef6ef41831494ffab26a331ab8

Sharing

Copy URL

Twitter E-mail

General

Target

bbdde3d39a4ab94795578be54e1e499fa50777ef6ef41831494ffab26a331ab8
Size

381KB
MD5

5e536be0b235d4857d45b2924dc51a25
SHA1

6370d9c049c457baa9614744d5cd1d713d7a5ae4
SHA256

bbdde3d39a4ab94795578be54e1e499fa50777ef6ef41831494ffab26a331ab8
SHA512

0026cbd10f803b1dd1c56087c9ea7824774a9254a1f94f0075dab6b265fde657c1b9c2c7587a9121f99b2c81973f6455e0eb59d6dcf62b6aacf9108966841fae
SSDEEP

6144:v3KwV9fguO+AHqTy34CL7eaiXSQ58x6wdPZE9pR3mOyUXybjvkc1BAiL0zuvY:H/OPqTy34CtiXSQahPWPR3mDJf11BA0D

Score

N/A

Malware Config

Signatures

Files

bbdde3d39a4ab94795578be54e1e499fa50777ef6ef41831494ffab26a331ab8
.exe windows x86

b04aa83bea025ddf361f8e9078a30439

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cryptui

CryptUIFreeViewSignaturesPagesA
CryptUIDlgViewCTLA
CryptUIDlgViewSignerInfoA
CryptUIDlgViewCertificateA
RetrievePKCS7FromCA
CryptUIGetViewSignaturesPagesA
I_CryptUIProtect
CryptUIWizFreeCertRequestNoDS
CryptUIWizFreeDigitalSignContext
CryptUIDlgSelectCertificateFromStore
CryptUIWizSubmitCertRequestNoDS
CryptUIWizBuildCTL
CryptUIWizCertRequest
CryptUIDlgSelectStoreA
CryptUIDlgSelectCA
CryptUIDlgSelectCertificateA
CryptUIGetCertificatePropertiesPagesA
CryptUIWizDigitalSign
CryptUIDlgViewCRLA
CryptUIDlgCertMgr
CryptUIDlgViewCertificatePropertiesA
EnrollmentCOMObjectFactory_getInstance
WizardFree
CryptUIWizCreateCertRequestNoDS
ACUIProviderInvokeUI
CryptUIWizExport
I_CryptUIProtectFailure
CryptUIDlgViewContext
DllRegisterServer
CryptUIWizImport
LocalEnroll
CryptUIStartCertMgr
CryptUIFreeCertificatePropertiesPagesA
CryptUIDlgFreeCAContext
DllUnregisterServer

kernel32

ReadFile
ReadFileScatter
VirtualAlloc
lstrcmpiA
GetLocalTime
HeapSize
FileTimeToLocalFileTime
SetFilePointerEx
SetEnvironmentVariableA
GetNamedPipeInfo
InterlockedIncrement
GetStringTypeExA
ExpandEnvironmentStringsA
InterlockedDecrement
GetFileTime
InterlockedExchangeAdd
DeleteFileA
lstrcpyA
GetModuleHandleA
FreeEnvironmentStringsA
CallNamedPipeA
CompareStringA
GetSystemTimeAdjustment
GetEnvironmentVariableA
lstrcpynA
InterlockedFlushSList
IsBadStringPtrA
GetFileAttributesExA
GetSystemTimes
SetFirmwareEnvironmentVariableA
VirtualFree
GetStringTypeA
GetFileAttributesA
GetProcessHeaps
SetFilePointer
WaitNamedPipeA
FileTimeToSystemTime
DosDateTimeToFileTime
CreateFileA
FileTimeToDosDateTime
CloseHandle
InterlockedPushEntrySList
GetNamedPipeHandleStateA
ReadFileEx
WriteFileEx
GetSystemTime
lstrcatA
GetEnvironmentStringsA
lstrcmpA
HeapAlloc
WriteFile
DisconnectNamedPipe
SystemTimeToFileTime
InterlockedPopEntrySList
ConnectNamedPipe
GetSystemTimeAsFileTime
GetProcessHeap
lstrlenA
PeekNamedPipe
InterlockedCompareExchange

advpack

NeedReboot
AdvInstallFile
AddDelBackupEntry
LaunchINFSectionEx
ExtractFiles
FileSaveRestore
DelNodeRunDLL32
GetVersionFromFile
SetPerUserSecValues
IsNTAdmin
RegisterOCX
DelNode
CloseINFEngine
RegSaveRestore
ExecuteCab
DoInfInstall
OpenINFEngine
FileSaveRestoreOnINF
FileSaveMarkNotExist
LaunchINFSection
GetVersionFromFileEx
UserInstStubWrapper
RegRestoreAll
NeedRebootInit
RebootCheckOnInstall
UserUnInstStubWrapper
TranslateInfString
RunSetupCommand

user32

HideCaret
GetProcessDefaultLayout
LoadIconA
GetSysColor
PostQuitMessage
SetWindowLongA
CheckRadioButton
LoadMenuA
DestroyWindow
EndDialog
MessageBeep
EndPaint
DispatchMessageA
GetMenu
LoadStringA
SetCursor
DialogBoxParamA
GetDesktopWindow
CreateDialogParamA
IsChild
CreateWindowExA
CharNextA
EnableWindow
UpdateWindow
CheckMenuItem
SetDlgItemTextA
InvalidateRect
LoadAcceleratorsA
DefWindowProcA
TranslateMessage
SetWindowPos
GetWindowRect
GetSysColorBrush
SetMenu
GetDlgItem
RegisterClassExA
CloseClipboard
CheckMenuRadioItem
OpenClipboard
GetDlgCtrlID
MessageBoxA
SetWindowTextA
LoadCursorA
GetWindowTextA
SendMessageA
DestroyMenu
ScreenToClient
CheckDlgButton
IsDialogMessageA
GetClientRect
TrackPopupMenuEx
ChildWindowFromPoint
SystemParametersInfoA
TranslateAcceleratorA
DrawTextA
GetWindowLongA
SetDlgItemInt
GetSubMenu
GetMessageA
ShowWindow
SetFocus
CallWindowProcA
OffsetRect
WinHelpA
MapWindowPoints
SetProcessDefaultLayout

Sections

.text
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b04aa83bea025ddf361f8e9078a30439

Headers

DLL Characteristics

File Characteristics

Imports

cryptui

kernel32

advpack

user32

Sections

.text Size: 277KB - Virtual size: 277KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 96KB - Virtual size: 728KB

.text
Size: 277KB - Virtual size: 277KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 96KB - Virtual size: 728KB