d3005cb4dce302573b866b2604c61344e986ab562f6f32e9e8995581a376ff20

Sharing

Copy URL

Twitter E-mail

General

Target

d3005cb4dce302573b866b2604c61344e986ab562f6f32e9e8995581a376ff20
Size

101KB
MD5

86c1507555a12d0947b5137900e131ab
SHA1

c15c60b15266d4a3a32169c3a20d1e348075fbb9
SHA256

d3005cb4dce302573b866b2604c61344e986ab562f6f32e9e8995581a376ff20
SHA512

d361c19932ab750e8b3bd81932809ec7ec6434b2a3241895b15a8ca87f6ec89c839ae95f6dfd161bbddccd286809c8ec145cd317c921460dd6f70ec5e83497ad
SSDEEP

1536:cYbbzK+etgRT47XhEqTjgjip5kiKYDekwjSDNFiAfeit+3A/We1HOd:VwLTjT8irDekmS7iAWit+3A/We1w

Score

N/A

Malware Config

Signatures

Files

d3005cb4dce302573b866b2604c61344e986ab562f6f32e9e8995581a376ff20
.exe windows x86

2472839c99e8411409dacad8de5be7ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetModuleHandleA
GlobalFree
GetTickCount
GetComputerNameW
LocalFree
RemoveDirectoryA
OutputDebugStringW
GetSystemWindowsDirectoryW
LocalReAlloc
GlobalLock
SetUnhandledExceptionFilter
GetStartupInfoA
GetEnvironmentStringsW
GlobalAlloc
OutputDebugStringA
FileTimeToSystemTime
GetSystemDefaultLangID
LoadLibraryW
CloseHandle
GetModuleFileNameW
DeleteCriticalSection
CreateFileW
GetACP
lstrcpyW
IsBadReadPtr
GlobalUnlock
lstrcmpiW
GetDateFormatW
InitializeCriticalSection
GetSystemTimeAsFileTime
InterlockedDecrement
GetCurrentProcess
lstrlenW
InterlockedIncrement
WideCharToMultiByte
FormatMessageW
FileTimeToLocalFileTime
SetLastError
GetLastError

user32

ReleaseDC
SetWindowTextW
SetFocus
GetParent
DialogBoxParamW
SetWindowLongW
SendMessageW
SystemParametersInfoW
InsertMenuItemW
PostMessageW
wsprintfW
GetDlgItemTextA
LoadStringW
GetDlgItem
LoadBitmapW
WinHelpW
GetWindowLongW
LoadIconW
SendDlgItemMessageW
LoadCursorW
EnableWindow
SetDlgItemTextW
LoadImageW
GetDC
SetCursor
MessageBoxW
RegisterClipboardFormatW
EndDialog

msvcrt

_except_handler3
mbstowcs
??2@YAPAXI@Z
wcsstr
wcstoul
free
vswprintf
wcscmp
malloc
wcscpy
_adjust_fdiv
_purecall
wcsrchr
??3@YAXPAX@Z
_initterm
_onexit
memmove
__dllonexit
wcslen
?terminate@@YAXXZ
_wcsicmp
__RTDynamicCast
??1type_info@@UAE@XZ
_wcsupr
wcscat
wcschr

certcli

CAAddCACertificateType
CASetCertTypeProperty
CAFindByName
CASetCertTypeExtension
CAGetCAProperty
CAFreeCertTypeProperty
CASetCertTypeFlags
CAGetCertTypeExtensions
CAUpdateCA
CAFreeCertTypeExtensions
CAEnumNextCertType
CAGetCertTypeFlags
CACertTypeGetSecurity
CACloseCertType
CACloseCA
CAGetCertTypePropertyEx
CAEnumCertTypes
CAFindCertTypeByName
CAEnumCertTypesForCA
CARemoveCACertificateType
CACertTypeSetSecurity
CACreateCertType
CAGetCertTypeKeySpec
CAUpdateCertType
CAGetCertTypeProperty
CASetCertTypeKeySpec
CAFreeCAProperty

advapi32

RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegDeleteKeyW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2472839c99e8411409dacad8de5be7ea

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

certcli

advapi32

comctl32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 84KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 84KB

.rsrc
Size: 23KB - Virtual size: 22KB