406b8c44b7071f9a2cbb307346ef2d283bf56a16428bf0a84a6a114a973855fb

Sharing

Copy URL Twitter E-mail

General

Target

406b8c44b7071f9a2cbb307346ef2d283bf56a16428bf0a84a6a114a973855fb
Size

885KB
MD5

52f97e616ecb431d7d2be83c2e138850
SHA1

bd4a16ac9e7b6d1fc3cb21101968992c8e964d70
SHA256

406b8c44b7071f9a2cbb307346ef2d283bf56a16428bf0a84a6a114a973855fb
SHA512

397515868af9e0854c2fa0ea5d89b905b9640b786cce7d10479b60624687aa5e0479cd370e04d01e39457cda94607cd8e4bd43b43103e7134aad4022f29aee7e
SSDEEP

24576:13I9P7LCUvdIn7idit9H1lMS8/dZ/+bze7fU4/Q:13I9qSdO7ict9H1lfIl7fU3

Score

N/A

Malware Config

Signatures

Files

406b8c44b7071f9a2cbb307346ef2d283bf56a16428bf0a84a6a114a973855fb
.exe windows x86

f79fe7ff93d4fed8ff8c5f2cc871a0e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
lstrcmpiW
GetModuleFileNameW
lstrcpyW
GetProcAddress
GetLastError
GetDateFormatW
IsValidCodePage
GlobalAlloc
GlobalFree
QueryPerformanceCounter
GetSystemWindowsDirectoryW
GetStartupInfoA
WideCharToMultiByte
IsBadReadPtr
LocalReAlloc
GlobalUnlock
lstrlenW
SetUnhandledExceptionFilter
RemoveDirectoryA
GetModuleHandleA
FileTimeToLocalFileTime
GetACP
CreateFileW
DeleteCriticalSection
SetLastError
FileTimeToSystemTime
OutputDebugStringW
LocalFree
GetComputerNameW
InterlockedDecrement
GetSystemTimeAsFileTime
InitializeCriticalSection
InterlockedIncrement
OutputDebugStringA
LoadLibraryW
FormatMessageW
CloseHandle
GetTickCount
GetCurrentProcess
GetEnvironmentStringsA

user32

EnableWindow
GetDlgItem
GetDlgItemTextA
RegisterClipboardFormatW
MessageBoxW
SetWindowLongW
WinHelpW
SetDlgItemTextW
GetParent
GetWindowLongW
SetFocus
SendDlgItemMessageW
LoadCursorW
EndDialog
LoadStringW
SystemParametersInfoW
PostMessageW
SetWindowTextW
wsprintfW
SetCursor
ReleaseDC
LoadImageW
SendMessageW
LoadIconW
DialogBoxParamW
LoadBitmapW
InsertMenuItemW
GetDC

gdi32

DeleteObject
CreateFontIndirectW
GetDeviceCaps

msvcrt

??3@YAXPAX@Z
_onexit
__dllonexit
__RTDynamicCast
memmove
_except_handler3
?terminate@@YAXXZ
_purecall
wcscpy
_adjust_fdiv
free
mbstowcs
??2@YAPAXI@Z
wcsstr
??1type_info@@UAE@XZ
wcschr
_wcsicmp
wcsrchr
_wcsupr
wcstoul
_initterm
vswprintf
wcscat
wcscmp
wcslen
malloc

certcli

CAGetCertTypeExtensions
CACloseCA
CAGetCertTypeKeySpec
CASetCertTypeExtension
CACreateCertType
CAEnumCertTypesForCA
CAGetCertTypeProperty
CAFreeCertTypeExtensions
CACloseCertType
CAEnumCertTypes
CASetCertTypeFlags
CAFreeCertTypeProperty
CAGetCertTypePropertyEx
CARemoveCACertificateType
CACertTypeGetSecurity
CAUpdateCertType
CAUpdateCA
CAGetCAProperty
CAAddCACertificateType
CASetCertTypeProperty
CAFindCertTypeByName
CACertTypeSetSecurity
CAGetCertTypeFlags
CAEnumNextCertType
CAFindByName
CASetCertTypeKeySpec
CAFreeCAProperty

advapi32

RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 385KB - Virtual size: 385KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f79fe7ff93d4fed8ff8c5f2cc871a0e5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

certcli

advapi32

comctl32

Sections

.text Size: 385KB - Virtual size: 385KB

.rdata Size: 132KB - Virtual size: 132KB

.data Size: 188KB - Virtual size: 1.8MB

.rsrc Size: 177KB - Virtual size: 176KB

.reloc Size: 1024B - Virtual size: 932B

.text
Size: 385KB - Virtual size: 385KB

.rdata
Size: 132KB - Virtual size: 132KB

.data
Size: 188KB - Virtual size: 1.8MB

.rsrc
Size: 177KB - Virtual size: 176KB

.reloc
Size: 1024B - Virtual size: 932B