675887fdd139b6921ed4828a548fe939597f72352f52720d2e54305d0b0af838

Sharing

Copy URL Twitter E-mail

General

Target

675887fdd139b6921ed4828a548fe939597f72352f52720d2e54305d0b0af838
Size

101KB
MD5

b6b890a88bb852a2e52cf46d2800ceb6
SHA1

4c2eb082b2362f1b68ea40e99e2c18026421c733
SHA256

675887fdd139b6921ed4828a548fe939597f72352f52720d2e54305d0b0af838
SHA512

b5dc913f353d8ae723dfb4822d9a0e18ed62839e7dcb20d4a0b399abab626df45a0d3450c1be80c0a6a375cbe4da36cae66644c7d1f138f0616ae7b7d806f59b
SSDEEP

1536:g+kdY9hvxeTAVsPAgKxJCvMt695Gr1MHq3pajt5q3phCWiEYyGGPxT3le:ii95wnHyM/ESypaJw3phCmWGJl

Score

N/A

Malware Config

Signatures

Files

675887fdd139b6921ed4828a548fe939597f72352f52720d2e54305d0b0af838
.exe windows x86

1ab385704431a5c0d5d12666e5a0272b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
GetSystemTimeAsFileTime
GetCurrentProcess
LoadLibraryW
GlobalAlloc
SetUnhandledExceptionFilter
GetSystemWindowsDirectoryW
InterlockedIncrement
OutputDebugStringW
FileTimeToLocalFileTime
CloseHandle
LocalReAlloc
InitializeCriticalSection
WideCharToMultiByte
CreateFileW
GetCPInfo
lstrcpyW
GetComputerNameW
FileTimeToSystemTime
IsBadReadPtr
GlobalFree
QueryPerformanceCounter
GetCurrentThread
GetStartupInfoA
LocalFree
GetLastError
GetEnvironmentStringsW
FormatMessageW
SetLastError
GetDateFormatW
lstrcmpiW
OutputDebugStringA
GlobalLock
GetProcAddress
DeleteCriticalSection
GlobalUnlock
GetModuleHandleA
GetSystemDefaultLangID
GetModuleFileNameW
InterlockedDecrement
GetTickCount

advapi32

RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW

msvcrt

wcscmp
??1type_info@@UAE@XZ
free
_except_handler3
vswprintf
wcsstr
??2@YAPAXI@Z
_initterm
wcscat
__RTDynamicCast
__dllonexit
_wcsicmp
?terminate@@YAXXZ
malloc
wcsrchr
mbstowcs
_wcsupr
wcschr
_adjust_fdiv
wcstoul
wcslen
??3@YAXPAX@Z
memmove
wcscpy
_onexit

certcli

CAGetCertTypeKeySpec
CAAddCACertificateType
CAEnumCertTypesForCA
CAGetCertTypeProperty
CAGetCertTypeFlags
CAFindCertTypeByName
CACloseCA
CASetCertTypeFlags
CASetCertTypeKeySpec
CASetCertTypeProperty
CAFreeCertTypeProperty
CAGetCAProperty
CASetCertTypeExtension
CAEnumNextCertType
CAUpdateCA
CAUpdateCertType
CACloseCertType
CAEnumCertTypes
CAFreeCAProperty
CACertTypeGetSecurity
CAGetCertTypeExtensions
CAGetCertTypePropertyEx
CAFindByName
CARemoveCACertificateType
CACreateCertType
CACertTypeSetSecurity
CAFreeCertTypeExtensions

user32

RegisterClipboardFormatW
LoadIconW
SetCursor
SetFocus
PostMessageW
SetDlgItemTextW
LoadCursorW
SetWindowTextW
SendMessageW
GetDC
GetDlgItemTextA
EnableWindow
LoadBitmapW
MessageBoxW
LoadImageW
GetWindowLongW
EndDialog
SetWindowLongW
GetParent
SystemParametersInfoW
LoadStringW
GetDlgItem
InsertMenuItemW
SendDlgItemMessageW
wsprintfW
DialogBoxParamW
WinHelpW
ReleaseDC

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ab385704431a5c0d5d12666e5a0272b

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

certcli

user32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 100KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 100KB

.rsrc
Size: 23KB - Virtual size: 22KB