7d9ff8d8d7a3329095aa6307a08c645f7d5572845d49a51cd64c7ced6ec0f86d

Sharing

Copy URL Twitter E-mail

General

Target

7d9ff8d8d7a3329095aa6307a08c645f7d5572845d49a51cd64c7ced6ec0f86d
Size

102KB
MD5

98e3a39557a94c00e70ed1b62dae44dc
SHA1

8603dc037b32cd9377e9c643a7cdaf075f7a23bf
SHA256

7d9ff8d8d7a3329095aa6307a08c645f7d5572845d49a51cd64c7ced6ec0f86d
SHA512

870b160d86f0e298e39cacec1d6c31e6e86ccc19c43d16e1ad32913d1d2bca7319ad6c99ee11e2b38207a95996a32427419064d2414580b6253a086ff4108957
SSDEEP

1536:qovxcaOdwJKvHOPr4W8DLxfpoiw7xPd4pdx/zbCaiQWxIdgckRGBn3VU/6:Rc7vuPr4WM8F7IpdRbCaiQWxIdoR63

Score

N/A

Malware Config

Signatures

Files

7d9ff8d8d7a3329095aa6307a08c645f7d5572845d49a51cd64c7ced6ec0f86d
.exe windows x86

0045b66e41f32750685008ceb144b33b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcess
GetModuleHandleA
FileTimeToLocalFileTime
lstrlenW
InterlockedDecrement
LocalFree
InterlockedIncrement
OutputDebugStringA
GetEnvironmentStringsW
FormatMessageW
GetStartupInfoA
GetSystemWindowsDirectoryW
GlobalUnlock
GetSystemDefaultLangID
IsBadReadPtr
GetCurrentThread
lstrcpyW
lstrcmpiW
GetSystemTimeAsFileTime
SetLastError
CreateFileW
GetProcAddress
GetDateFormatW
SetUnhandledExceptionFilter
GetComputerNameW
InitializeCriticalSection
GlobalLock
LoadLibraryW
GetModuleFileNameW
OutputDebugStringW
GetTickCount
GlobalFree
FileTimeToSystemTime
WideCharToMultiByte
GetCPInfo
LocalReAlloc
GlobalAlloc
GetLastError
DeleteCriticalSection
CloseHandle

user32

GetDC
LoadStringW
SetWindowLongW
GetParent
PostMessageW
RegisterClipboardFormatW
GetDlgItem
ReleaseDC
LoadImageW
LoadBitmapW
GetDlgItemTextA
WinHelpW
EnableWindow
SetWindowTextW
wsprintfW
LoadIconW
SetDlgItemTextW
SendDlgItemMessageW
SetCursor
SetFocus
LoadCursorW
SendMessageW
MessageBoxW
SystemParametersInfoW
GetWindowLongW
EndDialog
InsertMenuItemW
DialogBoxParamW

msvcrt

_onexit
_initterm
wcsrchr
wcslen
__RTDynamicCast
wcscpy
_wcsupr
wcscat
wcschr
wcsstr
__dllonexit
?terminate@@YAXXZ
wcstoul
wcscmp
_except_handler3
_wcsicmp
??2@YAPAXI@Z
mbstowcs
??3@YAXPAX@Z
_adjust_fdiv
free
??1type_info@@UAE@XZ
malloc
vswprintf
memmove

certcli

CAGetCertTypeFlags
CAFreeCertTypeProperty
CAAddCACertificateType
CAEnumCertTypesForCA
CAUpdateCA
CASetCertTypeKeySpec
CAGetCertTypePropertyEx
CAFreeCertTypeExtensions
CAGetCertTypeExtensions
CASetCertTypeFlags
CACreateCertType
CACertTypeGetSecurity
CAEnumCertTypes
CAGetCAProperty
CAFreeCAProperty
CAFindCertTypeByName
CACloseCA
CACloseCertType
CARemoveCACertificateType
CAGetCertTypeProperty
CAEnumNextCertType
CASetCertTypeExtension
CAFindByName
CASetCertTypeProperty
CACertTypeSetSecurity
CAUpdateCertType
CAGetCertTypeKeySpec

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0045b66e41f32750685008ceb144b33b

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

certcli

advapi32

comctl32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 109KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 109KB

.rsrc
Size: 23KB - Virtual size: 23KB