1888419670009bf77a5cc68667322b922c2ee705e91b3a8104ff0200f7a9faae

Sharing

Copy URL

Twitter E-mail

General

Target

1888419670009bf77a5cc68667322b922c2ee705e91b3a8104ff0200f7a9faae
Size

826KB
MD5

180f5819bf34cf42b73ad9fba0db9f11
SHA1

3257a1afc5e1e5eb8599a1192de1b3f73fdef56b
SHA256

1888419670009bf77a5cc68667322b922c2ee705e91b3a8104ff0200f7a9faae
SHA512

641684ebebf576f49d4e654ec9e70e1cc65102a234e630f2dac918aceadc474934c65dcedc5aa80a2113807abd96a71b6e00934e5997a092f60f11a67936d290
SSDEEP

24576:TIX3H/80hDRIw8WVlGe50TBQJiV1UTp6aF:Tw80hDmw8WPMVgiE8

Score

N/A

Malware Config

Signatures

Files

1888419670009bf77a5cc68667322b922c2ee705e91b3a8104ff0200f7a9faae
.exe windows x86

818db1b5dc6edae9a0407c1d2dac7bc3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cryptdlg

CertConfigureTrustA
FormatVerisignExtension
DecodeRecipientID
CertConfigureTrustW
CertSelectCertificateW
CertTrustCleanup
EncodeRecipientID
CertViewPropertiesA
GetFriendlyNameOfCertA
CertViewPropertiesW
CertTrustInit
CertTrustCertPolicy
CertModifyCertificatesToTrust
CertSelectCertificateA

kernel32

SetLastError
FlushInstructionCache
GlobalDeleteAtom
GetTapeStatus
IsDBCSLeadByte
SetConsoleScreenBufferSize
EnumResourceTypesA
GlobalFindAtomW
QueryDosDeviceW
GetProcAddress
SetDefaultCommConfigA
GetCurrentProcess
DeleteFileA
LoadLibraryA
WriteFile
_lclose
GetConsoleAliasExesA
WriteConsoleInputW
PrepareTape
CreateDirectoryExA
GetModuleHandleA
SetCommBreak

msvcrt

__set_app_type
__p__commode
exit
__getmainargs

ole32

ComPs_NdrDllUnregisterProxy
CoCreateFreeThreadedMarshaler
OleCreateFromFile
CLSIDFromString
OleNoteObjectVisible
CoSetProxyBlanket
CLIPFORMAT_UserSize
HGLOBAL_UserUnmarshal

advapi32

CryptEnumProvidersW
WmiEnumerateGuids
ElfBackupEventLogFileW
SystemFunction040
AddAuditAccessAceEx
GetSecurityDescriptorRMControl
GetServiceDisplayNameW
ElfClearEventLogFileW
RegOpenKeyExW
AreAnyAccessesGranted
CredEnumerateW
GetSecurityDescriptorDacl
CryptGenRandom
ConvertSecurityDescriptorToAccessW

Sections

.text
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

818db1b5dc6edae9a0407c1d2dac7bc3

Headers

DLL Characteristics

File Characteristics

Imports

cryptdlg

kernel32

msvcrt

ole32

advapi32

Sections

.text Size: 363KB - Virtual size: 362KB

.rdata Size: 104KB - Virtual size: 104KB

.data Size: 197KB - Virtual size: 1.6MB

.rsrc Size: 159KB - Virtual size: 159KB

.reloc Size: 1024B - Virtual size: 900B

.text
Size: 363KB - Virtual size: 362KB

.rdata
Size: 104KB - Virtual size: 104KB

.data
Size: 197KB - Virtual size: 1.6MB

.rsrc
Size: 159KB - Virtual size: 159KB

.reloc
Size: 1024B - Virtual size: 900B