851ce3c9237913dd3277f862946f5bf5f360ba029f7450c639869f19c985c22d

Sharing

Copy URL Twitter E-mail

General

Target

851ce3c9237913dd3277f862946f5bf5f360ba029f7450c639869f19c985c22d
Size

97KB
MD5

1b3e760a5379542e1f229d7ed0597953
SHA1

5f6bf625687d5da987adc6569b4b55951d3a155f
SHA256

851ce3c9237913dd3277f862946f5bf5f360ba029f7450c639869f19c985c22d
SHA512

cc108faed141e82f9073a7d780a77735fefcb06a699d6d1a1644cd56a068c24b53c092743c68230fe7b030d289cf59c11cb9a48724551e89005b5f2d4156e972
SSDEEP

1536:5pIK+OBmAyXJ7dzwa+5JL8ooRDSKlZO2fqfa+jWxvPZzey4vZ4EAf7Traghw:5pIoBiJ7RoJKDDiy+yjT8ZHIC4w

Score

N/A

Malware Config

Signatures

Files

851ce3c9237913dd3277f862946f5bf5f360ba029f7450c639869f19c985c22d
.exe windows x86

7134fc125ad6231af04a685a340e0e9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

mbstowcs
?terminate@@YAXXZ
_wcsupr
__RTDynamicCast
wcscmp
??3@YAXPAX@Z
_adjust_fdiv
wcslen
wcschr
__dllonexit
wcstoul
_onexit
_except_handler3
wcscat
wcsrchr
wcsstr
??2@YAPAXI@Z
??1type_info@@UAE@XZ
_initterm
memmove
malloc
free
_purecall
_wcsicmp
vswprintf
wcscpy

certcli

CACloseCA
CASetCertTypeKeySpec
CAEnumNextCertType
CACertTypeGetSecurity
CAUpdateCA
CAEnumCertTypes
CACloseCertType
CAFreeCAProperty
CAEnumCertTypesForCA
CAGetCertTypeFlags
CASetCertTypeFlags
CAGetCertTypeProperty
CAGetCertTypeKeySpec
CAUpdateCertType
CAGetCertTypePropertyEx
CAAddCACertificateType
CARemoveCACertificateType
CAFreeCertTypeProperty
CAGetCertTypeExtensions
CAFreeCertTypeExtensions
CAFindCertTypeByName
CACertTypeSetSecurity
CACreateCertType
CASetCertTypeProperty
CASetCertTypeExtension
CAFindByName
CAGetCAProperty

kernel32

SetUnhandledExceptionFilter
GetLastError
FileTimeToLocalFileTime
CreateFileW
lstrlenW
GlobalFree
LocalReAlloc
IsValidCodePage
GlobalUnlock
LoadLibraryW
QueryPerformanceCounter
WideCharToMultiByte
FormatMessageW
GetStartupInfoA
OutputDebugStringA
SetLastError
GetModuleHandleA
GlobalLock
FileTimeToSystemTime
DeleteCriticalSection
LocalFree
GetEnvironmentStringsW
GetDateFormatW
GetEnvironmentStringsA
GetSystemTimeAsFileTime
OutputDebugStringW
lstrcpyW
IsBadReadPtr
GetTickCount
InitializeCriticalSection
GetSystemWindowsDirectoryW
lstrcmpiW
GetProcessId
GetCurrentProcess
RemoveDirectoryW
GlobalAlloc
CloseHandle
GetModuleFileNameW
GetComputerNameW
InterlockedDecrement
InterlockedIncrement
GetACP

user32

SetFocus
SetWindowTextW
SetDlgItemTextW
GetParent
EndDialog
EnableWindow
LoadCursorW
SendMessageW
PostMessageW
SetWindowLongW
SendDlgItemMessageW
ReleaseDC
LoadImageW
LoadIconW
RegisterClipboardFormatW
GetDC
SetCursor
GetDlgItem
LoadBitmapW
GetDlgItemTextA
LoadStringW
GetWindowLongW
DialogBoxParamW
WinHelpW
SystemParametersInfoW
MessageBoxW
wsprintfW
InsertMenuItemW

gdi32

GetDeviceCaps
DeleteObject
CreateFontIndirectW

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7134fc125ad6231af04a685a340e0e9b

Headers

File Characteristics

Imports

msvcrt

certcli

kernel32

user32

gdi32

comctl32

advapi32

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 130KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 130KB

.rsrc
Size: 23KB - Virtual size: 22KB