56b20c0dc5b0bd5a215a3f0f0d01f56419f5350651ab65e28b82028ce647c712

Sharing

Copy URL Twitter E-mail

General

Target

56b20c0dc5b0bd5a215a3f0f0d01f56419f5350651ab65e28b82028ce647c712
Size

100KB
MD5

e4a783d9bb3616524526e71466ffa9dd
SHA1

46b611560c85d803ae816f881c35989e38e8bfc9
SHA256

56b20c0dc5b0bd5a215a3f0f0d01f56419f5350651ab65e28b82028ce647c712
SHA512

99f59cc0b5d3bcc9d77f9b6e7b5b63b00e61f17d165ad94aa78a497fb6abadfaedea8f756693130d76438507be6d771d05767b699d4903afa05eed62882c281d
SSDEEP

1536:skGPISlTZyKCj17APyZu7itEYWzzPscKbu6ym2CCjO3T5mdZJdwdqCxHuWxElZ1:HyIoPyZis2PWbu6ytSAwUCxOW

Score

N/A

Malware Config

Signatures

Files

56b20c0dc5b0bd5a215a3f0f0d01f56419f5350651ab65e28b82028ce647c712
.exe windows x86

d4fa63938616de7c0420d216cf3e8de4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAFreeCAProperty
CAGetCertTypeKeySpec
CAFreeCertTypeExtensions
CAUpdateCertType
CAGetCertTypeProperty
CAFindCertTypeByName
CAFreeCertTypeProperty
CACloseCertType
CASetCertTypeKeySpec
CAGetCertTypeExtensions
CAEnumNextCertType
CAUpdateCA
CAGetCertTypeFlags
CASetCertTypeFlags
CACloseCA
CAAddCACertificateType
CACertTypeSetSecurity
CASetCertTypeProperty
CAFindByName
CACreateCertType
CAGetCAProperty
CACertTypeGetSecurity
CAEnumCertTypesForCA
CASetCertTypeExtension
CAEnumCertTypes
CAGetCertTypePropertyEx
CARemoveCACertificateType

msvcrt

_wcsicmp
wcsrchr
mbstowcs
memmove
__dllonexit
??1type_info@@UAE@XZ
_except_handler3
vswprintf
malloc
??2@YAPAXI@Z
_onexit
free
_initterm
__RTDynamicCast
wcsstr
wcscmp
wcscpy
??3@YAXPAX@Z
wcslen
wcstoul
?terminate@@YAXXZ
_wcsupr
wcschr
_adjust_fdiv
wcscat

user32

SendDlgItemMessageW
LoadImageW
GetDC
wsprintfW
LoadBitmapW
SetFocus
ReleaseDC
EnableWindow
SetDlgItemTextW
GetParent
PostMessageW
LoadIconW
InsertMenuItemW
DialogBoxParamW
GetDlgItemTextA
GetWindowLongW
WinHelpW
LoadStringW
LoadCursorW
RegisterClipboardFormatW
GetDlgItem
SetCursor
MessageBoxW
SetWindowLongW
SetWindowTextW
EndDialog
SystemParametersInfoW
SendMessageW

kernel32

OutputDebugStringW
LocalReAlloc
CloseHandle
GetEnvironmentStringsW
GetSystemDefaultLangID
GetCurrentProcess
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTickCount
GetSystemWindowsDirectoryW
QueryPerformanceCounter
GlobalFree
CreateFileW
IsBadReadPtr
lstrcpyW
GetModuleFileNameW
GetCPInfo
GetDateFormatW
GetLastError
GetStartupInfoA
FormatMessageW
LoadLibraryW
GetCurrentThread
InterlockedDecrement
GlobalLock
SetLastError
OutputDebugStringA
FileTimeToSystemTime
lstrcmpiW
GetComputerNameW
WideCharToMultiByte
GlobalUnlock
DeleteCriticalSection
InterlockedIncrement
GlobalAlloc
GetModuleHandleA
InitializeCriticalSection
LocalFree
lstrlenW
GetProcAddress

advapi32

RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
RegDeleteKeyW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4fa63938616de7c0420d216cf3e8de4

Headers

File Characteristics

Imports

certcli

msvcrt

user32

kernel32

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 76KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 76KB

.rsrc
Size: 23KB - Virtual size: 23KB