5559921dcbf21a488dfaeccfb4c87a63d6162c6e56d12617718fe44b2ad291f3

Sharing

Copy URL Twitter E-mail

General

Target

5559921dcbf21a488dfaeccfb4c87a63d6162c6e56d12617718fe44b2ad291f3
Size

48KB
MD5

82fb4a8e6c4f048af9e2990426d2fdfd
SHA1

91c20ea882aae2314e90ac2d762da1e923a465be
SHA256

5559921dcbf21a488dfaeccfb4c87a63d6162c6e56d12617718fe44b2ad291f3
SHA512

413d8edea64b19767250d518138e09716d259a7366e343b350dc4c897bf866780f36aef0723a97c5a2e895ec851905ad5afbbe3f551568d63f2e70712eb62685
SSDEEP

1536:lkT4dzMBatypGAmgu/gTdyjnnWaiLBEXJSjhV:lkTGMBatppLnWaiLGAj

Score

N/A

Malware Config

Signatures

Files

5559921dcbf21a488dfaeccfb4c87a63d6162c6e56d12617718fe44b2ad291f3
.exe windows x86

8fd4a74deb7a49353a21458614f8a3a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlReleaseResource
RtlInitializeResource
RtlAcquireResourceExclusive
RtlDeleteResource
RtlAcquireResourceShared

winmm

auxSetVolume

ole32

CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StringFromCLSID

msvcrt

_chdir
_initterm
exit
wcscat
_beginthread
malloc
wcsncpy
_wtoi
_beep
_itow
wcschr
_wcsicmp
_adjust_fdiv
_except_handler3
iswdigit
wcscpy

crypt32

CertFreeCertificateContext
CertCreateCertificateContext
CryptDecodeObjectEx

certcli

CAGetCertTypeProperty
CAFindCertTypeByName
CAFreeCertTypeProperty
CACloseCertType

user32

GetParent
SendMessageW
wsprintfW
SetWindowLongW
GetDlgItem
GetWindowLongW
EnableWindow
LoadStringW
WinHelpW
MessageBoxW

advapi32

RegDeleteKeyW
LsaOpenPolicy
RegCreateKeyExW
RegEnumValueW
LsaClose
LsaFreeMemory
RegEnumKeyExW
LsaRetrievePrivateData
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueExW

kernel32

UnhandledExceptionFilter
GetSystemTime
GetComputerNameW
SetLastError
FileTimeToLocalFileTime
CloseHandle
GetModuleHandleW
SetUnhandledExceptionFilter
GetCurrentProcessId
lstrcmpiW
GetSystemTimeAsFileTime
LeaveCriticalSection
LocalAlloc
GetDateFormatW
GetVersionExW
InterlockedIncrement
DeleteCriticalSection
TerminateProcess
GetComputerNameExW
VirtualAlloc
LocalReAlloc
lstrlenW
CompareStringW
LocalFree
GetLastError
GetCurrentThreadId
DisableThreadLibraryCalls
GetTickCount
FormatMessageW
InitializeCriticalSection
GetEnvironmentVariableW
EnterCriticalSection
SystemTimeToFileTime
GetACP
GetModuleFileNameW
GetTimeFormatW
CreateFileW
WriteFile
InterlockedDecrement
Sleep
FileTimeToSystemTime
QueryPerformanceCounter
MultiByteToWideChar

comctl32

PropertySheetW

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8fd4a74deb7a49353a21458614f8a3a5

Headers

File Characteristics

Imports

ntdll

winmm

ole32

msvcrt

crypt32

certcli

user32

advapi32

kernel32

comctl32

Sections

.textbss Size: - Virtual size: 1.3MB

.reloc Size: 512B - Virtual size: 448B

.text Size: 512B - Virtual size: 468B

.rdata Size: 512B - Virtual size: 32B

.idata Size: 46KB - Virtual size: 45KB

.textbss
Size: - Virtual size: 1.3MB

.reloc
Size: 512B - Virtual size: 448B

.text
Size: 512B - Virtual size: 468B

.rdata
Size: 512B - Virtual size: 32B

.idata
Size: 46KB - Virtual size: 45KB