52fca709eef7a5f8130bad32d57f1070e40474d305182baeccb1a17439feda83

Sharing

Copy URL Twitter E-mail

General

Target

52fca709eef7a5f8130bad32d57f1070e40474d305182baeccb1a17439feda83
Size

98KB
MD5

cdc19dcd65b06b8cd50cabd0a15fd0fc
SHA1

812b79f0777776d87348c3f07a023a4596161b15
SHA256

52fca709eef7a5f8130bad32d57f1070e40474d305182baeccb1a17439feda83
SHA512

be66b7b0a38d7900b828657055cc66e25b4eeaa4bf569f32d4f82cdb0b2edabed11895f78fcfae19c7a862a9ffd59ee0f63a6b0f0261790091e3357ea4c2e66a
SSDEEP

1536:0vbwj6IBJOWo5MylhLpl3OgknKLe2elhJOCOHMYnu4k:0jwj6Wrylb0nKy2ePJOfHvu

Score

N/A

Malware Config

Signatures

Files

52fca709eef7a5f8130bad32d57f1070e40474d305182baeccb1a17439feda83
.exe windows x86

db15476211a604fce16d5d6b3e32798b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetSystemDefaultLangID
WideCharToMultiByte
FormatMessageW
GetProcAddress
lstrcmpiW
InitializeCriticalSection
FileTimeToSystemTime
OutputDebugStringW
SetLastError
GlobalFree
GlobalUnlock
LoadLibraryW
GetLastError
lstrlenW
GlobalLock
OutputDebugStringA
GetDateFormatW
GetModuleHandleA
GetEnvironmentStringsW
GetComputerNameW
GetCurrentProcess
GetSystemTimeAsFileTime
GetStartupInfoA
GlobalAlloc
SetUnhandledExceptionFilter
CreateFileW
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
IsBadReadPtr
RemoveDirectoryA
FileTimeToLocalFileTime
GetModuleFileNameW
LocalFree
GetSystemWindowsDirectoryW
lstrcpyW
LocalReAlloc
QueryPerformanceCounter
GetTickCount
GetCPInfo

user32

WinHelpW
GetWindowLongW
ReleaseDC
GetParent
SetCursor
GetDC
GetDlgItem
SetWindowLongW
InsertMenuItemW
DialogBoxParamW
SetDlgItemTextW
RegisterClipboardFormatW
SendMessageW
EnableWindow
SetWindowTextW
LoadCursorW
GetDlgItemTextA
LoadIconW
LoadImageW
PostMessageW
LoadStringW
SetFocus
LoadBitmapW
EndDialog
wsprintfW
SendDlgItemMessageW
MessageBoxW
SystemParametersInfoW

msvcrt

??2@YAPAXI@Z
__dllonexit
free
wcstoul
_adjust_fdiv
malloc
mbstowcs
wcsstr
_initterm
vswprintf
wcschr
??3@YAXPAX@Z
?terminate@@YAXXZ
_wcsupr
wcsrchr
wcslen
_except_handler3
__RTDynamicCast
_wcsicmp
wcscat
_onexit
memmove
??1type_info@@UAE@XZ
wcscmp
wcscpy

certcli

CACloseCA
CAGetCertTypeKeySpec
CASetCertTypeKeySpec
CACreateCertType
CACertTypeGetSecurity
CARemoveCACertificateType
CAEnumNextCertType
CAGetCAProperty
CAGetCertTypeExtensions
CASetCertTypeExtension
CAFreeCertTypeProperty
CAGetCertTypePropertyEx
CAFindByName
CAAddCACertificateType
CAFreeCAProperty
CAEnumCertTypes
CAGetCertTypeProperty
CAFreeCertTypeExtensions
CAEnumCertTypesForCA
CASetCertTypeFlags
CACloseCertType
CASetCertTypeProperty
CAFindCertTypeByName
CACertTypeSetSecurity
CAGetCertTypeFlags
CAUpdateCertType
CAUpdateCA

advapi32

RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db15476211a604fce16d5d6b3e32798b

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

certcli

advapi32

comctl32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 112KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 112KB

.rsrc
Size: 23KB - Virtual size: 22KB