4305bdc7283595c8d39060d98cb2996c7dc33df54cc3f2175860be4f64ae4698

Sharing

Copy URL Twitter E-mail

General

Target

4305bdc7283595c8d39060d98cb2996c7dc33df54cc3f2175860be4f64ae4698
Size

101KB
MD5

3f2127002fc84b23c27e47250309c019
SHA1

3ef24cd68c476e64deeaf48c9bbc48ea36584461
SHA256

4305bdc7283595c8d39060d98cb2996c7dc33df54cc3f2175860be4f64ae4698
SHA512

5dd92951a848e1e410078888b0e77b2a5bb961e56ca8ddd2b79a1d8100e9120abe5a38e3b6f81f5c3fb66293cecd7695f419450c77d6f9053dfa7a6aa899b0bd
SSDEEP

1536:AhBnSy1gRnrn2XbnaYyaHbULJE/kolLGqtUBZTC9Hk1t3TKAqkg9muJnFT86:Af4KXOhIbqJE/f0jZ2JkrD3qkXL

Score

N/A

Malware Config

Signatures

Files

4305bdc7283595c8d39060d98cb2996c7dc33df54cc3f2175860be4f64ae4698
.exe windows x86

9c6377cff65d798e1ba5c3d03d691ac9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW

kernel32

GlobalUnlock
GetSystemTimeAsFileTime
GetLastError
SetLastError
IsBadReadPtr
GetModuleHandleA
QueryPerformanceCounter
GetModuleFileNameW
InterlockedIncrement
FileTimeToSystemTime
FormatMessageW
InitializeCriticalSection
GetStartupInfoA
DeleteCriticalSection
GetEnvironmentStringsW
lstrcmpiW
GetACP
LoadLibraryW
WideCharToMultiByte
CreateFileW
lstrcpyW
CloseHandle
GetComputerNameW
OutputDebugStringW
FileTimeToLocalFileTime
GetCurrentProcess
LocalReAlloc
SetUnhandledExceptionFilter
GetDateFormatW
GlobalLock
GetSystemWindowsDirectoryW
RemoveDirectoryA
lstrlenW
LocalFree
OutputDebugStringA
InterlockedDecrement
GlobalAlloc
GetTickCount
GetSystemDefaultLangID
GlobalFree

certcli

CAGetCAProperty
CAFindCertTypeByName
CARemoveCACertificateType
CAGetCertTypeKeySpec
CAEnumCertTypes
CACloseCA
CAFreeCAProperty
CAGetCertTypePropertyEx
CAEnumCertTypesForCA
CASetCertTypeProperty
CAEnumNextCertType
CAFreeCertTypeProperty
CAUpdateCertType
CAUpdateCA
CASetCertTypeKeySpec
CASetCertTypeFlags
CASetCertTypeExtension
CAFreeCertTypeExtensions
CAAddCACertificateType
CACloseCertType
CACertTypeGetSecurity
CAFindByName
CAGetCertTypeProperty
CACreateCertType
CAGetCertTypeExtensions
CAGetCertTypeFlags
CACertTypeSetSecurity

msvcrt

??3@YAXPAX@Z
wcscpy
_wcsicmp
_initterm
vswprintf
wcscmp
__RTDynamicCast
wcslen
mbstowcs
??2@YAPAXI@Z
malloc
free
_except_handler3
wcstoul
_wcsupr
wcscat
wcschr
memmove
__dllonexit
_onexit
wcsrchr
_purecall
_adjust_fdiv
?terminate@@YAXXZ
wcsstr
??1type_info@@UAE@XZ

user32

LoadImageW
LoadBitmapW
ReleaseDC
InsertMenuItemW
EndDialog
LoadCursorW
SystemParametersInfoW
GetDC
SetWindowTextW
SendMessageW
GetDlgItemTextA
GetDlgItem
MessageBoxW
DialogBoxParamW
SetWindowLongW
WinHelpW
GetParent
SetFocus
SetCursor
SetDlgItemTextW
LoadStringW
LoadIconW
EnableWindow
PostMessageW
SendDlgItemMessageW
GetWindowLongW
RegisterClipboardFormatW
wsprintfW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c6377cff65d798e1ba5c3d03d691ac9

Headers

File Characteristics

Imports

advapi32

kernel32

certcli

msvcrt

user32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 84KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 84KB

.rsrc
Size: 23KB - Virtual size: 23KB