5ac02851ccdd5650b5f635601f337c315d24693c8b70598c02813444258b07d4

Sharing

Copy URL Twitter E-mail

General

Target

5ac02851ccdd5650b5f635601f337c315d24693c8b70598c02813444258b07d4
Size

380KB
MD5

3f9d25dc24ca1246333a37251e755280
SHA1

d8998ceda1f46f3d8b2a94d07ab50de3ee616c8e
SHA256

5ac02851ccdd5650b5f635601f337c315d24693c8b70598c02813444258b07d4
SHA512

5c3852db195c9d622682042eaad6382f07924c67459da9b7e1c27443fac390aa45f22d6e00d04eeac128f956ed49ef21a709c19efe0e3e23b001c6a124c5a4d5
SSDEEP

6144:UXnCVK49m3sxWchrlroEvQiTsEBk1obp4O/uFvCmlFyH/BVeNkt8aAvImkS8:p596chryEsQJ4O/yDlFqGkt8HIpS8

Score

N/A

Malware Config

Signatures

Files

5ac02851ccdd5650b5f635601f337c315d24693c8b70598c02813444258b07d4
.exe windows x86

0236b76c2629f17906f90d09419a5518

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

BeginPaint
EndPaint
IsClipboardFormatAvailable
ShowWindow
CheckDlgButton
RegisterClassExA
HideCaret
LoadStringA
LoadIconA
CreateWindowExA
DestroyMenu
GetSysColor
SetCursor
SetWindowTextA
CloseClipboard
SendMessageA
CharNextA
GetMenu
CallWindowProcA
SystemParametersInfoA
LoadCursorA
WinHelpA
MessageBoxA
CheckMenuItem
PostQuitMessage
MapWindowPoints
SetDlgItemInt
TrackPopupMenuEx
GetMessageA
EnableMenuItem
GetWindowTextA
IsDialogMessageA
ChildWindowFromPoint
IsChild
TranslateAcceleratorA
GetDlgCtrlID
CheckRadioButton
GetDesktopWindow
ScreenToClient
GetClipboardData
EnableWindow
GetProcessDefaultLayout
SetFocus
CheckMenuRadioItem
SetDlgItemTextA
TranslateMessage
MessageBeep
InvalidateRect
GetClientRect
SetWindowLongA
LoadAcceleratorsA
CreateDialogParamA
DestroyWindow
DefWindowProcA
GetWindowLongA
SetProcessDefaultLayout
UpdateWindow
GetSysColorBrush
SetWindowPos
LoadMenuA
GetSubMenu
OffsetRect
EndDialog
DialogBoxParamA
DispatchMessageA
SetMenu
GetDlgItem
GetWindowRect
OpenClipboard

kernel32

SetNamedPipeHandleState
SetEnvironmentVariableA
DosDateTimeToFileTime
ReadFileScatter
GetFileAttributesExA
ExpandEnvironmentStringsA
FileTimeToSystemTime
IsBadStringPtrA
GetStringTypeA
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetNamedPipeHandleStateA
lstrcpyA
DisconnectNamedPipe
WriteFileEx
GetNamedPipeInfo
SetFilePointerEx
GetSystemTime
GetSystemTimeAdjustment
InterlockedExchangeAdd
GetFirmwareEnvironmentVariableA
CloseHandle
GetProcessHeap
GetFileAttributesA
InterlockedFlushSList
SetFilePointer
GetStringTypeExA
VirtualAlloc
VirtualFree
GetProcessHeaps
GetSystemTimes
InterlockedDecrement
InterlockedIncrement
lstrlenA
InterlockedCompareExchange
InterlockedPopEntrySList
lstrcmpA
lstrcatA
lstrcpynA
GetEnvironmentVariableA
GetModuleHandleA
GetLocalTime
GetEnvironmentStringsA
HeapSize
CreateFileA
ReadFile
FileTimeToDosDateTime
FileTimeToLocalFileTime
InterlockedPushEntrySList
SystemTimeToFileTime
lstrcmpiA
DeleteFileA
SetFirmwareEnvironmentVariableA
PeekNamedPipe
ReadFileEx
CallNamedPipeA
TransactNamedPipe
HeapAlloc
GetFileTime
ConnectNamedPipe
WriteFileGather
CompareStringA
InterlockedExchange
WaitNamedPipeA
WriteFile

cryptui

ACUIProviderInvokeUI
CryptUIWizImport
CryptUIWizExport
LocalEnrollNoDS
DllUnregisterServer
CryptUIWizQueryCertRequestNoDS
CryptUIStartCertMgr
CryptUIDlgViewSignerInfoA
CryptUIWizFreeDigitalSignContext
CryptUIDlgSelectCertificateFromStore
CryptUIDlgViewCertificateA
CryptUIDlgSelectCertificateA
CryptUIWizBuildCTL
CryptUIWizSubmitCertRequestNoDS
CryptUIWizDigitalSign
CryptUIWizCreateCertRequestNoDS
CryptUIFreeCertificatePropertiesPagesA
CryptUIDlgViewCRLA
CryptUIGetViewSignaturesPagesA
CryptUIDlgFreeCAContext
CryptUIDlgCertMgr
RetrievePKCS7FromCA
CryptUIDlgViewCTLA
CryptUIDlgViewCertificatePropertiesA
CryptUIDlgViewContext
CryptUIWizCertRequest
DllRegisterServer
LocalEnroll
EnrollmentCOMObjectFactory_getInstance
CryptUIDlgSelectCA
I_CryptUIProtectFailure
CryptUIGetCertificatePropertiesPagesA
CryptUIFreeViewSignaturesPagesA
I_CryptUIProtect
CryptUIDlgSelectStoreA

advpack

DelNode
CloseINFEngine
LaunchINFSection
OpenINFEngine
LaunchINFSectionEx
ExecuteCab
NeedReboot
GetVersionFromFile
FileSaveMarkNotExist
GetVersionFromFileEx
RebootCheckOnInstall
RegisterOCX
RunSetupCommand
RegRestoreAll
TranslateInfStringEx
RegInstall
AdvInstallFile
RegSaveRestore
FileSaveRestoreOnINF
RegSaveRestoreOnINF
UserUnInstStubWrapper
FileSaveRestore
SetPerUserSecValues
DelNodeRunDLL32
NeedRebootInit
ExtractFiles
IsNTAdmin
DoInfInstall
AddDelBackupEntry
TranslateInfString
UserInstStubWrapper

Sections

.text
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0236b76c2629f17906f90d09419a5518

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

cryptui

advpack

Sections

.text Size: 275KB - Virtual size: 275KB

.data Size: 10KB - Virtual size: 9KB

.rsrc Size: 94KB - Virtual size: 720KB

.text
Size: 275KB - Virtual size: 275KB

.data
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 94KB - Virtual size: 720KB