5958da53651d5c39bf59d1cb223e007fb2280a2d3d549cc6b854e6219d2af644

Sharing

Copy URL

Twitter E-mail

General

Target

5958da53651d5c39bf59d1cb223e007fb2280a2d3d549cc6b854e6219d2af644
Size

100KB
MD5

0f2c05bfdee86c487b4e3822706d19c8
SHA1

b3aa021d3cdf25e16c2aff0ac8fbbb37ecb2956d
SHA256

5958da53651d5c39bf59d1cb223e007fb2280a2d3d549cc6b854e6219d2af644
SHA512

334dcb3513e02e62a0902c14c4cee995017df5abc3d3bca20156dcc25baf567a7c8971084051817f7aa20e1dba20c381bdf2b76f9acc921c8f72724e7e46fcc4
SSDEEP

3072:q+EsNv6tveWVlTYVePkihQutn/T5JfSwxA8p:/EsfWVlRPxQutn/7fLC8

Score

N/A

Malware Config

Signatures

Files

5958da53651d5c39bf59d1cb223e007fb2280a2d3d549cc6b854e6219d2af644
.exe windows x86

ca18e3ffc91e08a1f6a59d92e489be7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW

msvcrt

wcslen
wcscat
__RTDynamicCast
malloc
??3@YAXPAX@Z
wcscpy
wcschr
??1type_info@@UAE@XZ
_wcsupr
?terminate@@YAXXZ
mbstowcs
_wcsicmp
vswprintf
wcsstr
wcscmp
_purecall
wcstoul
_except_handler3
_adjust_fdiv
__dllonexit
memmove
wcsrchr
??2@YAPAXI@Z
free
_onexit
_initterm

user32

SetWindowTextW
EnableWindow
RegisterClipboardFormatW
LoadCursorW
LoadBitmapW
MessageBoxW
SystemParametersInfoW
SetCursor
GetDC
EndDialog
LoadStringW
GetDlgItem
GetDlgItemTextA
SetFocus
InsertMenuItemW
ReleaseDC
wsprintfW
SendMessageW
DialogBoxParamW
LoadImageW
GetWindowLongW
WinHelpW
LoadIconW
GetParent
SetWindowLongW
SetDlgItemTextW
PostMessageW
SendDlgItemMessageW

kernel32

InitializeCriticalSection
GetComputerNameW
IsBadReadPtr
CreateFileW
OutputDebugStringW
InterlockedDecrement
GetModuleFileNameW
FormatMessageW
GetLastError
lstrcpyW
GlobalAlloc
LocalReAlloc
InterlockedIncrement
GetACP
lstrlenW
DeleteCriticalSection
CloseHandle
WideCharToMultiByte
SetUnhandledExceptionFilter
GetSystemWindowsDirectoryW
GetModuleHandleA
FileTimeToSystemTime
GetSystemDefaultLangID
OutputDebugStringA
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
QueryPerformanceCounter
GlobalFree
GetStartupInfoA
LoadLibraryW
GetTickCount
lstrcmpiW
GlobalLock
GlobalUnlock
RemoveDirectoryA
GetCurrentProcess
SetLastError
LocalFree
GetEnvironmentStringsW
GetDateFormatW

certcli

CACertTypeGetSecurity
CASetCertTypeKeySpec
CAFreeCertTypeExtensions
CAUpdateCertType
CACloseCA
CAGetCertTypeFlags
CACertTypeSetSecurity
CAUpdateCA
CASetCertTypeFlags
CAEnumCertTypesForCA
CARemoveCACertificateType
CAEnumCertTypes
CASetCertTypeProperty
CAFreeCAProperty
CACloseCertType
CAGetCertTypeKeySpec
CAFreeCertTypeProperty
CASetCertTypeExtension
CAEnumNextCertType
CAFindCertTypeByName
CAGetCertTypeProperty
CAGetCAProperty
CACreateCertType
CAGetCertTypeExtensions
CAGetCertTypePropertyEx
CAAddCACertificateType
CAFindByName

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca18e3ffc91e08a1f6a59d92e489be7b

Headers

File Characteristics

Imports

advapi32

msvcrt

user32

kernel32

certcli

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 95KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 95KB

.rsrc
Size: 24KB - Virtual size: 23KB