3308810db4e36194958225415b687d11937b3a35339d3425a6aaf6eac764be09

Sharing

Copy URL

Twitter E-mail

General

Target

3308810db4e36194958225415b687d11937b3a35339d3425a6aaf6eac764be09
Size

99KB
MD5

21fadc2ce6e19e6fc693371c47be22a3
SHA1

f3332c3b772efc1c235c4a0ad7b9124e8d262b9d
SHA256

3308810db4e36194958225415b687d11937b3a35339d3425a6aaf6eac764be09
SHA512

0336097824fc50036d8f15e3d4ff226b867e03f4ae03e0df2c36be52079d726f1e6a9adf0a56e7327fa8eabd17f9b992a58ae2155ae889087accc885e8d047f8
SSDEEP

3072:YAOaN9MRkSQZfs/a1vsSey/FH6DKnS1QB:hOaN4Gs/atey+KS6B

Score

N/A

Malware Config

Signatures

Files

3308810db4e36194958225415b687d11937b3a35339d3425a6aaf6eac764be09
.exe windows x86

b012ad315414d36723b36158ad31ae30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__dllonexit
?terminate@@YAXXZ
wcsrchr
memmove
wcscmp
_except_handler3
wcscpy
wcsstr
??2@YAPAXI@Z
_onexit
__RTDynamicCast
_initterm
malloc
_wcsupr
vswprintf
_wcsicmp
_adjust_fdiv
wcstoul
wcscat
free
wcschr
??3@YAXPAX@Z
mbstowcs
wcslen
_purecall
??1type_info@@UAE@XZ

certcli

CAGetCAProperty
CAGetCertTypeProperty
CAEnumNextCertType
CAGetCertTypeKeySpec
CAEnumCertTypes
CAAddCACertificateType
CAFindCertTypeByName
CAFreeCertTypeExtensions
CASetCertTypeFlags
CAFreeCAProperty
CACloseCA
CAEnumCertTypesForCA
CASetCertTypeExtension
CACreateCertType
CASetCertTypeProperty
CARemoveCACertificateType
CAGetCertTypePropertyEx
CAUpdateCA
CACertTypeGetSecurity
CACertTypeSetSecurity
CAFindByName
CAGetCertTypeExtensions
CAGetCertTypeFlags
CAFreeCertTypeProperty
CACloseCertType
CASetCertTypeKeySpec
CAUpdateCertType

kernel32

GlobalUnlock
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetProcessId
GetModuleHandleA
GetLastError
GetCurrentProcess
CloseHandle
LocalReAlloc
SetLastError
GlobalAlloc
RemoveDirectoryW
lstrcmpiW
InterlockedIncrement
QueryPerformanceCounter
GetDateFormatW
GetEnvironmentStringsA
FormatMessageW
GetComputerNameW
GetACP
OutputDebugStringW
CreateFileW
GlobalLock
WideCharToMultiByte
GetEnvironmentStringsW
GlobalFree
FileTimeToSystemTime
GetModuleFileNameW
DeleteCriticalSection
LocalFree
IsValidCodePage
lstrlenW
SetUnhandledExceptionFilter
GetTickCount
GetSystemWindowsDirectoryW
GetStartupInfoA
OutputDebugStringA
InitializeCriticalSection
IsBadReadPtr
InterlockedDecrement
lstrcpyW
LoadLibraryW

user32

LoadBitmapW
LoadStringW
GetParent
ReleaseDC
PostMessageW
MessageBoxW
SendMessageW
LoadIconW
SetFocus
SendDlgItemMessageW
LoadCursorW
SetCursor
DialogBoxParamW
SystemParametersInfoW
RegisterClipboardFormatW
EnableWindow
InsertMenuItemW
GetDlgItemTextA
WinHelpW
wsprintfW
LoadImageW
SetDlgItemTextW
SetWindowLongW
GetDC
GetDlgItem
EndDialog
SetWindowTextW
GetWindowLongW

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW

comctl32

CreatePropertySheetPageW
PropertySheetW

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b012ad315414d36723b36158ad31ae30

Headers

File Characteristics

Imports

msvcrt

certcli

kernel32

user32

advapi32

comctl32

gdi32

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 102KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 102KB

.rsrc
Size: 24KB - Virtual size: 24KB