c1894d1bcb3dc7a98ec62bc2471fb570bcc07b9ce62103146bc4bb9ee704d12a

Sharing

Copy URL Twitter E-mail

General

Target

c1894d1bcb3dc7a98ec62bc2471fb570bcc07b9ce62103146bc4bb9ee704d12a
Size

99KB
MD5

355a706192aec9c9da82579a8375b63f
SHA1

876129a4bb23701b5238d103c188327b5b791b05
SHA256

c1894d1bcb3dc7a98ec62bc2471fb570bcc07b9ce62103146bc4bb9ee704d12a
SHA512

bfea195a96b70a3fc03b010a3313105528c33e755d6f729c74d939c853b42c820be7dbbda8154db18ebed447a98048d5dfaa885247b88916f81463416a1d98bd
SSDEEP

1536:N+DFNJDRnh7MERD7b5FeRmP3ISH5eO554p1YbdSdwwtyn5obn9yhxv3mNI:WFjNdRjGkP3ImeO5dSdwK9C9

Score

N/A

Malware Config

Signatures

Files

c1894d1bcb3dc7a98ec62bc2471fb570bcc07b9ce62103146bc4bb9ee704d12a
.exe windows x86

b88e18c878eeae87d2bb96c3599337ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_onexit
wcstoul
wcsrchr
wcsstr
__dllonexit
wcschr
_wcsicmp
__RTDynamicCast
malloc
??1type_info@@UAE@XZ
_wcsupr
??3@YAXPAX@Z
mbstowcs
_except_handler3
_adjust_fdiv
wcscat
vswprintf
?terminate@@YAXXZ
??2@YAPAXI@Z
_initterm
free
wcscpy
wcslen
memmove
wcscmp

certcli

CAEnumNextCertType
CAAddCACertificateType
CASetCertTypeProperty
CACloseCA
CAUpdateCertType
CAGetCertTypeFlags
CAGetCertTypeProperty
CAUpdateCA
CAFreeCAProperty
CACertTypeGetSecurity
CAEnumCertTypesForCA
CASetCertTypeFlags
CAGetCertTypeExtensions
CAFindCertTypeByName
CAGetCertTypePropertyEx
CASetCertTypeExtension
CACreateCertType
CAGetCertTypeKeySpec
CAFreeCertTypeExtensions
CASetCertTypeKeySpec
CACertTypeSetSecurity
CARemoveCACertificateType
CACloseCertType
CAFindByName
CAGetCAProperty
CAFreeCertTypeProperty
CAEnumCertTypes

kernel32

lstrcpyW
GetSystemWindowsDirectoryW
FileTimeToSystemTime
InterlockedIncrement
SetUnhandledExceptionFilter
GlobalFree
WideCharToMultiByte
GetProcAddress
OutputDebugStringA
GetTickCount
InitializeCriticalSection
GetDateFormatW
QueryPerformanceCounter
LoadLibraryW
OutputDebugStringW
GetComputerNameW
GetEnvironmentStringsW
LocalFree
IsBadReadPtr
CloseHandle
GetLastError
GetCPInfo
GetSystemTimeAsFileTime
LocalReAlloc
GetModuleHandleA
lstrlenW
GlobalLock
SetLastError
GlobalAlloc
GetCurrentProcess
GetModuleFileNameW
RemoveDirectoryA
GetStartupInfoA
lstrcmpiW
DeleteCriticalSection
GlobalUnlock
InterlockedDecrement
GetSystemDefaultLangID
FormatMessageW
CreateFileW
FileTimeToLocalFileTime

user32

wsprintfW
LoadImageW
SendMessageW
GetWindowLongW
MessageBoxW
SetCursor
SendDlgItemMessageW
GetParent
EnableWindow
GetDlgItem
ReleaseDC
SetWindowLongW
WinHelpW
SetWindowTextW
EndDialog
GetDC
SystemParametersInfoW
LoadIconW
RegisterClipboardFormatW
LoadBitmapW
SetFocus
InsertMenuItemW
SetDlgItemTextW
DialogBoxParamW
LoadStringW
GetDlgItemTextA
PostMessageW
LoadCursorW

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b88e18c878eeae87d2bb96c3599337ba

Headers

File Characteristics

Imports

msvcrt

certcli

kernel32

user32

comctl32

advapi32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 64KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 64KB

.rsrc
Size: 23KB - Virtual size: 23KB