60847bb0b66895d719b8d47d557205b6e573154aa0a36a0d388b79f76a93d129

Sharing

Copy URL Twitter E-mail

General

Target

60847bb0b66895d719b8d47d557205b6e573154aa0a36a0d388b79f76a93d129
Size

103KB
MD5

4e73bfcfef3165d3c2be98961c331b68
SHA1

924043a0c1d6765e0662f598fe02ff6c2d387954
SHA256

60847bb0b66895d719b8d47d557205b6e573154aa0a36a0d388b79f76a93d129
SHA512

49f936be5378aceca1f2ca4db995e471cc0b0d70cc644337d5c07b7bd600b3262c5e98ba0f5b6b350eba8370d32b56c72ba64c61a90ca566cf9c87707edb210e
SSDEEP

1536:ywrJdZlMqzrRARPr6gU7gh1or+eB7BVsYnzrCOzCMt+ZGHd4vrM8e1cSxW8:lrRlDH2Pr6hAMvxbrCOG7Od5Jrh

Score

N/A

Malware Config

Signatures

Files

60847bb0b66895d719b8d47d557205b6e573154aa0a36a0d388b79f76a93d129
.exe windows x86

d0a6f2e416ed1d66bec27e2667332243

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
CloseHandle
GetSystemTimeAsFileTime
GetModuleHandleA
LocalReAlloc
CreateFileW
GetCurrentProcess
GetCPInfo
GetModuleFileNameW
OutputDebugStringA
InterlockedIncrement
GetSystemWindowsDirectoryW
GlobalLock
GetComputerNameW
GlobalUnlock
GetEnvironmentStringsW
OutputDebugStringW
QueryPerformanceCounter
GetStartupInfoA
WideCharToMultiByte
lstrlenW
SetUnhandledExceptionFilter
lstrcpyW
FileTimeToSystemTime
GlobalFree
LocalFree
InterlockedDecrement
SetLastError
GetProcAddress
FileTimeToLocalFileTime
DeleteCriticalSection
RemoveDirectoryA
GetLastError
LoadLibraryW
GetTickCount
IsBadReadPtr
GlobalAlloc
FormatMessageW
GetSystemDefaultLangID
InitializeCriticalSection
GetDateFormatW

user32

SendDlgItemMessageW
LoadStringW
GetDlgItemTextA
InsertMenuItemW
EnableWindow
LoadBitmapW
LoadIconW
SendMessageW
ReleaseDC
SetWindowLongW
GetParent
SystemParametersInfoW
EndDialog
wsprintfW
RegisterClipboardFormatW
GetDlgItem
SetFocus
SetWindowTextW
SetDlgItemTextW
GetDC
PostMessageW
WinHelpW
GetWindowLongW
MessageBoxW
SetCursor
DialogBoxParamW
LoadCursorW
LoadImageW

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey

msvcrt

??3@YAXPAX@Z
_initterm
__RTDynamicCast
_except_handler3
wcscmp
malloc
wcsstr
free
wcsrchr
mbstowcs
_wcsupr
wcscpy
wcslen
wcstoul
?terminate@@YAXXZ
__dllonexit
_onexit
memmove
??2@YAPAXI@Z
wcscat
_wcsicmp
vswprintf
_adjust_fdiv
wcschr
??1type_info@@UAE@XZ

certcli

CAGetCertTypeFlags
CASetCertTypeExtension
CAEnumCertTypes
CAFindCertTypeByName
CAFindByName
CAAddCACertificateType
CACertTypeSetSecurity
CARemoveCACertificateType
CAGetCAProperty
CACreateCertType
CASetCertTypeProperty
CAGetCertTypePropertyEx
CACloseCA
CAGetCertTypeExtensions
CAFreeCAProperty
CAUpdateCertType
CASetCertTypeKeySpec
CACertTypeGetSecurity
CAUpdateCA
CACloseCertType
CAFreeCertTypeProperty
CAEnumNextCertType
CASetCertTypeFlags
CAFreeCertTypeExtensions
CAGetCertTypeProperty
CAGetCertTypeKeySpec
CAEnumCertTypesForCA

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0a6f2e416ed1d66bec27e2667332243

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

certcli

comctl32

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 112KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 112KB

.rsrc
Size: 23KB - Virtual size: 22KB