18874c512cdcd5067cf4f02f28562ecd5ec62b4cbe10b0d354fcd5b0ab228279

Sharing

Copy URL

Twitter E-mail

General

Target

18874c512cdcd5067cf4f02f28562ecd5ec62b4cbe10b0d354fcd5b0ab228279
Size

99KB
MD5

92f0853bfa136e5877312ffbb2683c48
SHA1

10f1772cb4f3c76be615016b1e67d103c97d10dd
SHA256

18874c512cdcd5067cf4f02f28562ecd5ec62b4cbe10b0d354fcd5b0ab228279
SHA512

62f126365e7d2a1753fc79c188bfe3c431b5bdbfb230898b3704d0333a62f4cb16ac859c6725374ccf7902000776a161b95dbeed3a6045e4781c10458a797df5
SSDEEP

3072:O63EQWxYWJTk9ghr9icyC9CPbtziM31Hl:/3j6w9ghRicyJpziMD

Score

N/A

Malware Config

Signatures

Files

18874c512cdcd5067cf4f02f28562ecd5ec62b4cbe10b0d354fcd5b0ab228279
.exe windows x86

5d532a3fc17d30d2a8ef74a4d3a0cf97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcstoul
wcscpy
free
memmove
??2@YAPAXI@Z
??1type_info@@UAE@XZ
??3@YAXPAX@Z
?terminate@@YAXXZ
_wcsupr
wcscat
wcscmp
wcslen
_onexit
wcsrchr
_initterm
mbstowcs
_adjust_fdiv
wcschr
_wcsicmp
vswprintf
_except_handler3
wcsstr
malloc
__dllonexit
__RTDynamicCast
_purecall

certcli

CAUpdateCertType
CAFindByName
CARemoveCACertificateType
CAEnumCertTypesForCA
CAGetCertTypeExtensions
CAGetCertTypeKeySpec
CACertTypeGetSecurity
CACloseCA
CAEnumCertTypes
CACloseCertType
CAAddCACertificateType
CASetCertTypeProperty
CAGetCertTypeFlags
CAGetCertTypeProperty
CACreateCertType
CASetCertTypeFlags
CAFreeCertTypeExtensions
CAFindCertTypeByName
CAFreeCAProperty
CAGetCertTypePropertyEx
CASetCertTypeExtension
CAGetCAProperty
CAFreeCertTypeProperty
CACertTypeSetSecurity
CASetCertTypeKeySpec
CAEnumNextCertType
CAUpdateCA

user32

InsertMenuItemW
GetDlgItem
LoadBitmapW
MessageBoxW
SendDlgItemMessageW
LoadIconW
SetDlgItemTextW
SystemParametersInfoW
wsprintfW
SetWindowTextW
SetWindowLongW
LoadCursorW
LoadImageW
SendMessageW
LoadStringW
PostMessageW
EnableWindow
GetParent
GetDC
GetWindowLongW
SetCursor
DialogBoxParamW
RegisterClipboardFormatW
SetFocus
WinHelpW
ReleaseDC
GetDlgItemTextA
EndDialog

kernel32

GlobalFree
GetComputerNameW
GlobalAlloc
GetEnvironmentStringsW
GetSystemDefaultLangID
FileTimeToLocalFileTime
lstrlenW
InitializeCriticalSection
lstrcmpiW
OutputDebugStringA
GetLastError
CloseHandle
GetModuleHandleA
GetTickCount
InterlockedDecrement
FormatMessageW
GetStartupInfoA
GetCurrentProcess
InterlockedIncrement
CreateFileW
GetModuleFileNameW
LocalFree
DeleteCriticalSection
IsBadReadPtr
GetDateFormatW
lstrcpyW
FileTimeToSystemTime
LoadLibraryW
GetSystemTimeAsFileTime
WideCharToMultiByte
QueryPerformanceCounter
GetSystemWindowsDirectoryW
GlobalLock
SetLastError
LocalReAlloc
GlobalUnlock
OutputDebugStringW
SetUnhandledExceptionFilter
GetACP
RemoveDirectoryW

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

comctl32

PropertySheetW
CreatePropertySheetPageW

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d532a3fc17d30d2a8ef74a4d3a0cf97

Headers

File Characteristics

Imports

msvcrt

certcli

user32

kernel32

advapi32

comctl32

gdi32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 128KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 128KB

.rsrc
Size: 23KB - Virtual size: 22KB