30bd6ab7f8af87ff9bb246f0d7190f2f5270ba4c82498102e05dd4d55abce2f8

Sharing

Copy URL Twitter E-mail

General

Target

30bd6ab7f8af87ff9bb246f0d7190f2f5270ba4c82498102e05dd4d55abce2f8
Size

101KB
MD5

5e3297c486ce63f9dbcac7292e24f1c4
SHA1

dadf678df3965416b993984e00bf91d8337fc30d
SHA256

30bd6ab7f8af87ff9bb246f0d7190f2f5270ba4c82498102e05dd4d55abce2f8
SHA512

f4ae15c04e451e1fc462b444a876b4f831933bd227a3d35ef39c64b73225b756bcefc871536b5627b31f991c08616ad0c4f54967225d73c225c73006aba84b4c
SSDEEP

1536:V0D6cyTda29ZWMd4Bj+FGWOVDu/65SG32z+4qqyTjzbxAqmMOxO:CeDJZWus+FGS/4Sm2z+XqyTjzbxA

Score

N/A

Malware Config

Signatures

Files

30bd6ab7f8af87ff9bb246f0d7190f2f5270ba4c82498102e05dd4d55abce2f8
.exe windows x86

7fb3953856696938fc86e1a80a61fd1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAUpdateCA
CASetCertTypeProperty
CAGetCertTypeExtensions
CASetCertTypeFlags
CAEnumCertTypes
CAGetCertTypeKeySpec
CAFindCertTypeByName
CAGetCertTypeProperty
CASetCertTypeExtension
CACreateCertType
CARemoveCACertificateType
CAFreeCAProperty
CAFreeCertTypeExtensions
CAGetCAProperty
CAAddCACertificateType
CAGetCertTypePropertyEx
CACloseCertType
CAFindByName
CACertTypeSetSecurity
CAUpdateCertType
CASetCertTypeKeySpec
CACertTypeGetSecurity
CAGetCertTypeFlags
CAEnumCertTypesForCA
CAFreeCertTypeProperty
CAEnumNextCertType
CACloseCA

user32

LoadStringW
RegisterClipboardFormatW
PostMessageW
EnableWindow
GetParent
GetDlgItem
LoadIconW
SetFocus
SetDlgItemTextW
MessageBoxW
EndDialog
InsertMenuItemW
SystemParametersInfoW
LoadBitmapW
SendDlgItemMessageW
LoadImageW
WinHelpW
SendMessageW
wsprintfW
SetWindowLongW
GetDlgItemTextA
DialogBoxParamW
SetCursor
ReleaseDC
GetDC
LoadCursorW
GetWindowLongW
SetWindowTextW

kernel32

GetProcAddress
GetCurrentProcess
GetStartupInfoA
lstrcmpiW
GetEnvironmentStringsW
OutputDebugStringA
GlobalUnlock
CreateFileW
GlobalLock
GetSystemWindowsDirectoryW
GetSystemDefaultLangID
FormatMessageW
GetTickCount
lstrcpyW
GlobalFree
DeleteCriticalSection
SetUnhandledExceptionFilter
lstrlenW
GetDateFormatW
GetSystemTimeAsFileTime
OutputDebugStringW
GetLastError
GetCPInfo
LoadLibraryW
InterlockedDecrement
LocalReAlloc
GetComputerNameW
QueryPerformanceCounter
InterlockedIncrement
WideCharToMultiByte
CloseHandle
GetModuleHandleA
SetLastError
FileTimeToLocalFileTime
RemoveDirectoryA
GetModuleFileNameW
IsBadReadPtr
FileTimeToSystemTime
GlobalAlloc
LocalFree
InitializeCriticalSection

msvcrt

free
wcscpy
wcsrchr
malloc
wcsstr
_except_handler3
mbstowcs
wcscmp
_initterm
vswprintf
_adjust_fdiv
wcschr
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_onexit
wcslen
_wcsupr
memmove
__RTDynamicCast
??2@YAPAXI@Z
wcstoul
__dllonexit
wcscat
_wcsicmp
??3@YAXPAX@Z

advapi32

RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fb3953856696938fc86e1a80a61fd1e

Headers

File Characteristics

Imports

certcli

user32

kernel32

msvcrt

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 95KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 95KB

.rsrc
Size: 24KB - Virtual size: 23KB