ba7b6baf516c9f63ce053fe9a96b7cf7031f48298e9aa925a6900eac9a67ef62

Sharing

Copy URL

Twitter E-mail

General

Target

ba7b6baf516c9f63ce053fe9a96b7cf7031f48298e9aa925a6900eac9a67ef62
Size

175KB
MD5

98c759c2f7bf73076d25b89010b20a96
SHA1

1dce3661e4d96c882f2dc59ed4f639d375d03084
SHA256

ba7b6baf516c9f63ce053fe9a96b7cf7031f48298e9aa925a6900eac9a67ef62
SHA512

0d20d359bfb6aa385a6f11ac277c30741c78ed307d53ffcfb0b934d535dc07b4890392443dd446fdcf9d0891dd11c971db3be474b9becfb7d41bdf254c06402b
SSDEEP

3072:OlU/uyJH+ztioEX/7Klyeq4XvPh6cT5FYOyhF/QpS3nb7UMMnMMMMMX7I7Da:OEPJ+HEX/7leq2wcTXdyPQ8XbgMMnMM3

Score

N/A

Malware Config

Signatures

Files

ba7b6baf516c9f63ce053fe9a96b7cf7031f48298e9aa925a6900eac9a67ef62
.exe windows x86

58c84a0b8805da837f86da524a86f3be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamW
GetDC
SetDlgItemTextA
CreateWindowExW
DialogBoxIndirectParamA
SetCursor
SetFocus
MessageBeep
SendDlgItemMessageA
SendMessageA
DialogBoxParamA
SendMessageW
LoadStringA
DialogBoxIndirectParamW
CallMsgFilterA
ShowWindow
EndDialog
GetDlgItemTextA
LoadCursorA
GetWindowLongA
GetParent
WinHelpA
SetWindowLongA
LoadImageA
GetDlgItem
ReleaseDC
GetWindowRect
EnableWindow
GetSysColor

shell32

ShellExecuteA

gdi32

GetTextExtentPointA
SelectObject
GetTextMetricsA
GetTextExtentPointW
GetTextMetricsW
DeleteObject

shlwapi

StrCatBuffW

wintrust

WTHelperGetProvCertFromChain
WTHelperCertIsSelfSigned
WintrustAddActionID
WinVerifyTrust
WintrustRemoveActionID
WTHelperGetProvSignerFromChain

msi

MsiDatabaseExportW

kernel32

InitializeCriticalSection
SetProcessWorkingSetSize
QueryPerformanceCounter
EnterCriticalSection
lstrcmpiA
VirtualAlloc
CompareFileTime
HeapFree
HeapAlloc
UnhandledExceptionFilter
FileTimeToSystemTime
lstrlenW
GetSystemTimeAsFileTime
GetTickCount
HeapReAlloc
GetDateFormatA
GetCurrentProcess
TerminateProcess
DeleteCriticalSection
WinExec
GetCurrentProcessId
GetProcAddress
GetCommandLineA
lstrlenA
LeaveCriticalSection
SetUnhandledExceptionFilter
ExitProcess
GetCurrentThreadId

cfgmgr32

CM_Get_Child

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58c84a0b8805da837f86da524a86f3be

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

gdi32

shlwapi

wintrust

msi

kernel32

cfgmgr32

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 76KB - Virtual size: 736KB

.rdata Size: 15KB - Virtual size: 15KB

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 28B

.rsrc Size: 77KB - Virtual size: 77KB

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 76KB - Virtual size: 736KB

.rdata
Size: 15KB - Virtual size: 15KB

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 28B

.rsrc
Size: 77KB - Virtual size: 77KB