440caa7f5af21bf4436c3956afefa21dc50125f987f34f5144c9438156bae6e5

Sharing

Copy URL Twitter E-mail

General

Target

440caa7f5af21bf4436c3956afefa21dc50125f987f34f5144c9438156bae6e5
Size

101KB
MD5

6b42276c6ee044bf2582a323d056d241
SHA1

100fbfb920f7a0a19b6eb912b37268d10ae4eb3e
SHA256

440caa7f5af21bf4436c3956afefa21dc50125f987f34f5144c9438156bae6e5
SHA512

fbd3c455492e83005828da98120d7c0620cfab6e6822da3fe91e11e821887fa168115f5c79189146af00046b19cf035b6d755902e21c6da69d8eb897dc4890cf
SSDEEP

3072:mLY+mkXfLzsLOyecJqHF56bvArzC5OmgiK5VHxP888:mL9mkXf3socJqlck65OmgiCh

Score

N/A

Malware Config

Signatures

Files

440caa7f5af21bf4436c3956afefa21dc50125f987f34f5144c9438156bae6e5
.exe windows x86

7564f43363e02badd4c12ca58ad65ffe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CASetCertTypeKeySpec
CAFreeCertTypeProperty
CAEnumCertTypesForCA
CAGetCertTypePropertyEx
CAGetCertTypeKeySpec
CASetCertTypeExtension
CAFreeCertTypeExtensions
CARemoveCACertificateType
CAFreeCAProperty
CAGetCertTypeProperty
CAUpdateCertType
CAAddCACertificateType
CASetCertTypeFlags
CASetCertTypeProperty
CACertTypeGetSecurity
CACloseCertType
CACloseCA
CAFindByName
CAUpdateCA
CACertTypeSetSecurity
CAGetCertTypeExtensions
CAGetCAProperty
CAEnumNextCertType
CACreateCertType
CAFindCertTypeByName
CAEnumCertTypes
CAGetCertTypeFlags

msvcrt

free
__dllonexit
??1type_info@@UAE@XZ
wcschr
_adjust_fdiv
wcscmp
??3@YAXPAX@Z
wcsstr
_except_handler3
_wcsupr
malloc
_wcsicmp
vswprintf
wcstoul
mbstowcs
wcslen
__RTDynamicCast
?terminate@@YAXXZ
wcscat
_initterm
wcscpy
??2@YAPAXI@Z
wcsrchr
memmove
_onexit

kernel32

WideCharToMultiByte
SetLastError
DeleteCriticalSection
GetComputerNameW
GetModuleHandleA
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetLastError
CreateFileW
GetProcAddress
OutputDebugStringA
GetDateFormatW
InterlockedDecrement
LocalFree
InterlockedIncrement
GetEnvironmentStringsW
GetStartupInfoA
GlobalFree
IsBadReadPtr
lstrlenW
GetModuleFileNameW
RemoveDirectoryA
GetSystemDefaultLangID
lstrcpyW
GlobalUnlock
LocalReAlloc
FormatMessageW
GlobalAlloc
GetCPInfo
LoadLibraryW
CloseHandle
GetSystemWindowsDirectoryW
FileTimeToLocalFileTime
GlobalLock
GetTickCount
OutputDebugStringW
lstrcmpiW
GetCurrentProcess
QueryPerformanceCounter
InitializeCriticalSection
SetUnhandledExceptionFilter

user32

GetWindowLongW
GetDC
InsertMenuItemW
DialogBoxParamW
SendDlgItemMessageW
LoadIconW
LoadBitmapW
SetFocus
SystemParametersInfoW
SetWindowLongW
wsprintfW
SetWindowTextW
EnableWindow
GetDlgItemTextA
SetDlgItemTextW
GetParent
SetCursor
GetDlgItem
ReleaseDC
SendMessageW
PostMessageW
RegisterClipboardFormatW
LoadImageW
LoadCursorW
MessageBoxW
EndDialog
WinHelpW
LoadStringW

advapi32

RegCreateKeyExW
RegCloseKey
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7564f43363e02badd4c12ca58ad65ffe

Headers

File Characteristics

Imports

certcli

msvcrt

kernel32

user32

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 103KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 103KB

.rsrc
Size: 24KB - Virtual size: 23KB