6db285f8c27b0d2fd0665a4891f0c7298cfdfd4bc4181b785fb1c15fc57ff417

Sharing

Copy URL Twitter E-mail

General

Target

6db285f8c27b0d2fd0665a4891f0c7298cfdfd4bc4181b785fb1c15fc57ff417
Size

198KB
MD5

47cb02733763b7adeee1937ba520ee80
SHA1

27fe4130648ed2ab0046d819d08748f269f51fd9
SHA256

6db285f8c27b0d2fd0665a4891f0c7298cfdfd4bc4181b785fb1c15fc57ff417
SHA512

226aed3fbb4614230fea8ccf07a96510ac9e9dfd2cde2eb90a40955f5f4a7c616a68ea809d76626a33c1ce8294837d5ac11c89feda886ca1cd05f060fd05e4f5
SSDEEP

6144:zops+8+Q8PpB4tpOzQRnzy8ee0UPKxNkmh:zSs+TPo9nWBe0UPKp

Score

N/A

Malware Config

Signatures

Files

6db285f8c27b0d2fd0665a4891f0c7298cfdfd4bc4181b785fb1c15fc57ff417
.exe windows x86

2f71cec56ca9eda2a3f0c49bf6442950

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
InitializeCriticalSection
OutputDebugStringW
lstrcpyW
GlobalUnlock
GlobalLock
DeleteFileA
InterlockedIncrement
IsBadReadPtr
GlobalAlloc
IsValidCodePage
lstrcmpiW
InterlockedDecrement
GetSystemTimeAsFileTime
GetEnvironmentStringsA
DeleteCriticalSection
GetDateFormatW
WideCharToMultiByte
GetStartupInfoA
LoadLibraryW
FileTimeToSystemTime
GetLastError
FileTimeToLocalFileTime
MultiByteToWideChar
GetComputerNameW
OutputDebugStringA
GetProcAddress
GetSystemWindowsDirectoryW
SetUnhandledExceptionFilter
GlobalFree
QueryPerformanceCounter
CreateFileW
GetModuleFileNameW
LocalReAlloc
GetCPInfo
FormatMessageW
lstrlenW
GetModuleHandleA
LocalFree
CloseHandle
GetCurrentProcess
SetLastError

msvcrt

wcsrchr
mbstowcs
wcscmp
_purecall
free
_wcsupr
_wcsicmp
??2@YAPAXI@Z
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
wcstoul
_onexit
_except_handler3
malloc
__RTDynamicCast
memmove
wcschr
__dllonexit
_adjust_fdiv
wcscat
wcsstr
vswprintf
wcscpy
??3@YAXPAX@Z
wcslen

certcli

CAGetCertTypeExtensions
CAUpdateCertType
CASetCertTypeProperty
CAEnumCertTypes
CASetCertTypeKeySpec
CAFindCertTypeByName
CASetCertTypeExtension
CAUpdateCA
CAGetCertTypeKeySpec
CAFreeCertTypeExtensions
CAFindByName
CAEnumCertTypesForCA
CACertTypeSetSecurity
CAGetCertTypePropertyEx
CACreateCertType
CACloseCA
CARemoveCACertificateType
CAGetCertTypeFlags
CAFreeCertTypeProperty
CACloseCertType
CAEnumNextCertType
CAGetCertTypeProperty
CAGetCAProperty
CAFreeCAProperty
CASetCertTypeFlags
CACertTypeGetSecurity
CAAddCACertificateType

comctl32

PropertySheetW
CreatePropertySheetPageW

user32

GetDC
wsprintfW
ReleaseDC
SetDlgItemTextW
LoadIconW
LoadCursorW
MessageBoxW
InsertMenuItemW
EndDialog
WinHelpW
LoadBitmapW
DialogBoxParamW
GetParent
GetDlgItem
RegisterClipboardFormatW
SetWindowTextW
SetCursor
GetDlgItemTextA
SystemParametersInfoW
LoadImageW
SetFocus
SendDlgItemMessageW
GetWindowLongW
PostMessageW
LoadStringW
SetWindowLongW
SendMessageW
EnableWindow

gdi32

DeleteObject
CreateFontIndirectW
GetDeviceCaps

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW

ole32

CoTaskMemFree
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
CoCreateInstanceEx
GetHGlobalFromStream
CoSetProxyBlanket
StringFromGUID2
CreateStreamOnHGlobal

shell32

ShellExecuteW
ShellExecuteExW

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 78KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f71cec56ca9eda2a3f0c49bf6442950

Headers

File Characteristics

Imports

kernel32

msvcrt

certcli

comctl32

user32

gdi32

advapi32

ole32

shell32

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 45KB - Virtual size: 45KB

.hdata Size: 78KB - Virtual size: 3.2MB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 45KB - Virtual size: 45KB

.hdata
Size: 78KB - Virtual size: 3.2MB

.rsrc
Size: 3KB - Virtual size: 2KB