17b5a58e081d7a98c83e161a629cdc3535303b083a453822663a929689db18ad

Sharing

Copy URL Twitter E-mail

General

Target

17b5a58e081d7a98c83e161a629cdc3535303b083a453822663a929689db18ad
Size

100KB
MD5

808d2d66605bac9ef77d4081b272bd19
SHA1

08dffbb391c3d62d76e61bf7f062a88bb292b162
SHA256

17b5a58e081d7a98c83e161a629cdc3535303b083a453822663a929689db18ad
SHA512

5a2e70f1480805b587afd7bda8f661d4f1093e3a91ea9c0d9cf6dbfecb07edd707ceeb41df9a3efd2983468122b165bf618c2e6cf5ca5568c998754e2a81318d
SSDEEP

1536:F+HucS9q7N69S+1NYiPP2uNaU4yM3pvVQxe4B+URbNOdd+H+VZ9MMM:F+HuVM7gaQtIU4yMxVydHRbNjeVrMMM

Score

N/A

Malware Config

Signatures

Files

17b5a58e081d7a98c83e161a629cdc3535303b083a453822663a929689db18ad
.exe windows x86

5c03b6d14f8e5cfc22e18beec104720b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAFreeCertTypeExtensions
CAFreeCAProperty
CACreateCertType
CASetCertTypeKeySpec
CAGetCertTypeProperty
CASetCertTypeExtension
CAFindCertTypeByName
CAGetCertTypeExtensions
CAEnumCertTypes
CAUpdateCertType
CAEnumNextCertType
CASetCertTypeProperty
CAUpdateCA
CAFindByName
CAGetCertTypeKeySpec
CAAddCACertificateType
CAGetCAProperty
CACertTypeSetSecurity
CAEnumCertTypesForCA
CASetCertTypeFlags
CAGetCertTypePropertyEx
CARemoveCACertificateType
CAGetCertTypeFlags
CACloseCA
CAFreeCertTypeProperty
CACloseCertType
CACertTypeGetSecurity

kernel32

GetModuleHandleA
GetEnvironmentStringsW
WideCharToMultiByte
GetSystemWindowsDirectoryW
GetProcessId
FormatMessageW
InitializeCriticalSection
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetComputerNameW
IsBadReadPtr
GlobalFree
lstrlenW
GetEnvironmentStringsA
LocalReAlloc
OutputDebugStringW
LocalFree
lstrcmpiW
SetLastError
GlobalLock
RemoveDirectoryW
DeleteCriticalSection
GetACP
QueryPerformanceCounter
CloseHandle
FileTimeToLocalFileTime
GlobalUnlock
LoadLibraryW
lstrcpyW
GlobalAlloc
GetModuleFileNameW
InterlockedIncrement
IsValidCodePage
GetStartupInfoA
InterlockedDecrement
GetLastError
CreateFileW
GetTickCount
FileTimeToSystemTime
GetDateFormatW
GetCurrentProcess
OutputDebugStringA

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

msvcrt

_purecall
__RTDynamicCast
?terminate@@YAXXZ
_wcsicmp
_initterm
??3@YAXPAX@Z
??1type_info@@UAE@XZ
wcscpy
memmove
free
wcscat
wcstoul
wcsstr
malloc
wcslen
wcscmp
wcsrchr
wcschr
mbstowcs
_wcsupr
_except_handler3
??2@YAPAXI@Z
vswprintf
_onexit
_adjust_fdiv
__dllonexit

user32

LoadStringW
LoadBitmapW
LoadIconW
LoadImageW
GetDC
SetFocus
MessageBoxW
GetParent
GetDlgItemTextA
ReleaseDC
PostMessageW
WinHelpW
EndDialog
SendMessageW
SendDlgItemMessageW
GetWindowLongW
GetDlgItem
EnableWindow
InsertMenuItemW
SetDlgItemTextW
SetWindowLongW
SetWindowTextW
SetCursor
DialogBoxParamW
SystemParametersInfoW
LoadCursorW
RegisterClipboardFormatW
wsprintfW

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c03b6d14f8e5cfc22e18beec104720b

Headers

File Characteristics

Imports

certcli

kernel32

gdi32

msvcrt

user32

comctl32

advapi32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 106KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 106KB

.rsrc
Size: 24KB - Virtual size: 24KB