c6ba1cc378c1212a14d94e7b3d92b5fe9231661b0dc6ea8dc4f2521ad498862d

Sharing

Copy URL

Twitter E-mail

General

Target

c6ba1cc378c1212a14d94e7b3d92b5fe9231661b0dc6ea8dc4f2521ad498862d
Size

98KB
MD5

94d6719e641c95facab303f7e74c068b
SHA1

a89a3a31ae35598066da2bc2398b13f932acb0e8
SHA256

c6ba1cc378c1212a14d94e7b3d92b5fe9231661b0dc6ea8dc4f2521ad498862d
SHA512

c412cd4b0fc21725d2f0714420cc0226d16e2d73e1a6828c9d36f2635503149298891524556fd8b751e2dc4430daa37daae1d57fe516fad57c1f22f0e5cbf07c
SSDEEP

1536:VXSyp7kki8RYfee+b8kNuVqR6wDu0A8HuVpdGwQXADBh7ZY5GtXiizu+9:Vb4BgO9UbumdlHmHGBaBhFY5aXPq+

Score

N/A

Malware Config

Signatures

Files

c6ba1cc378c1212a14d94e7b3d92b5fe9231661b0dc6ea8dc4f2521ad498862d
.exe windows x86

69750c433fe0a43af24367a256fce89d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW

kernel32

LocalFree
GetProcessId
RemoveDirectoryW
GetDateFormatW
LoadLibraryW
InitializeCriticalSection
GetModuleHandleA
GetEnvironmentStringsW
GlobalLock
GetTickCount
GetSystemTimeAsFileTime
SetLastError
GetSystemWindowsDirectoryW
lstrcpyW
QueryPerformanceCounter
InterlockedDecrement
GetCurrentProcess
FileTimeToSystemTime
IsBadReadPtr
DeleteCriticalSection
GetComputerNameW
InterlockedIncrement
lstrcmpiW
GlobalFree
GetEnvironmentStringsA
WideCharToMultiByte
GetACP
LocalReAlloc
GetModuleFileNameW
GetStartupInfoA
lstrlenW
GetLastError
GlobalAlloc
CreateFileW
OutputDebugStringW
CloseHandle
IsValidCodePage
OutputDebugStringA
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
GlobalUnlock
FormatMessageW

certcli

CAEnumCertTypesForCA
CARemoveCACertificateType
CASetCertTypeExtension
CACertTypeSetSecurity
CACreateCertType
CAUpdateCA
CAFindCertTypeByName
CACloseCertType
CAFindByName
CAGetCertTypeKeySpec
CASetCertTypeKeySpec
CAEnumCertTypes
CAEnumNextCertType
CAFreeCertTypeExtensions
CASetCertTypeFlags
CAGetCertTypeExtensions
CASetCertTypeProperty
CACertTypeGetSecurity
CAFreeCertTypeProperty
CAGetCertTypeFlags
CAGetCAProperty
CAGetCertTypePropertyEx
CAAddCACertificateType
CAFreeCAProperty
CAGetCertTypeProperty
CACloseCA
CAUpdateCertType

msvcrt

wcscpy
malloc
wcsrchr
??1type_info@@UAE@XZ
wcscat
__RTDynamicCast
wcstoul
_wcsupr
__dllonexit
vswprintf
_wcsicmp
wcsstr
wcschr
_purecall
wcscmp
free
_adjust_fdiv
??3@YAXPAX@Z
_except_handler3
wcslen
mbstowcs
memmove
??2@YAPAXI@Z
_initterm
_onexit
?terminate@@YAXXZ

gdi32

DeleteObject
GetDeviceCaps
CreateFontIndirectW

user32

GetDlgItemTextA
SendMessageW
GetDC
SetWindowLongW
LoadStringW
SendDlgItemMessageW
LoadCursorW
SetDlgItemTextW
GetDlgItem
SystemParametersInfoW
SetWindowTextW
WinHelpW
EndDialog
LoadBitmapW
PostMessageW
DialogBoxParamW
LoadIconW
wsprintfW
GetParent
SetFocus
RegisterClipboardFormatW
SetCursor
ReleaseDC
EnableWindow
InsertMenuItemW
GetWindowLongW
MessageBoxW
LoadImageW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69750c433fe0a43af24367a256fce89d

Headers

File Characteristics

Imports

advapi32

kernel32

certcli

msvcrt

gdi32

user32

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 88KB

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 88KB

.rsrc
Size: 22KB - Virtual size: 22KB