c71aadd07327b716005baad96adc87d3625c7386faf0a3ccecc65a1fbe58652d

Sharing

Copy URL

Twitter E-mail

General

Target

c71aadd07327b716005baad96adc87d3625c7386faf0a3ccecc65a1fbe58652d
Size

102KB
MD5

b7c9cd24b41878bbbc5abb01e1131f1a
SHA1

29e7fef603cbde2c075fc03441686418d7720266
SHA256

c71aadd07327b716005baad96adc87d3625c7386faf0a3ccecc65a1fbe58652d
SHA512

751bfef51bdb5edac25b76c21051528201142d9c47ff596ce0e2907b6eb235366c735970894667ff77a4c34241e4c34b15c0ef1eb06b30047efb9363a245bb9b
SSDEEP

1536:hv2Qj1raQK3eC9S6ZQjDvV2TIQ+PqVPurDc5YW2WaN1LH6ZgO6hpe+cuaa:hv2QjBNEel8EDtWFFYyaDz6ZshpLc

Score

N/A

Malware Config

Signatures

Files

c71aadd07327b716005baad96adc87d3625c7386faf0a3ccecc65a1fbe58652d
.exe windows x86

e2d1f338da2c60675db06106975f3669

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
InitializeCriticalSection
GetDateFormatW
GetComputerNameW
GetProcAddress
IsBadReadPtr
OutputDebugStringA
InterlockedDecrement
CreateFileW
FormatMessageW
LocalFree
RemoveDirectoryA
GetModuleFileNameW
lstrcpyW
DeleteCriticalSection
GetTickCount
QueryPerformanceCounter
WideCharToMultiByte
GetModuleHandleA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetSystemWindowsDirectoryW
GetEnvironmentStringsW
GetStartupInfoA
GlobalAlloc
GlobalUnlock
SetLastError
lstrlenW
GlobalLock
GetLastError
GetCurrentProcess
GlobalFree
GetSystemTimeAsFileTime
CloseHandle
LoadLibraryW
LocalReAlloc
InterlockedIncrement
lstrcmpiW
OutputDebugStringW
GetSystemDefaultLangID

user32

WinHelpW
GetParent
SetFocus
GetWindowLongW
RegisterClipboardFormatW
EnableWindow
LoadIconW
SetWindowTextW
LoadCursorW
LoadImageW
MessageBoxW
SetWindowLongW
InsertMenuItemW
PostMessageW
wsprintfW
SendMessageW
SystemParametersInfoW
DialogBoxParamW
SetDlgItemTextW
SendDlgItemMessageW
GetDC
LoadBitmapW
EndDialog
SetCursor
ReleaseDC
LoadStringW
GetDlgItemTextA
GetDlgItem

msvcrt

wcsrchr
wcscpy
_adjust_fdiv
memmove
wcstoul
free
wcscat
?terminate@@YAXXZ
vswprintf
_initterm
__dllonexit
wcschr
??1type_info@@UAE@XZ
_wcsupr
_except_handler3
_onexit
wcsstr
??2@YAPAXI@Z
wcslen
__RTDynamicCast
_wcsicmp
??3@YAXPAX@Z
wcscmp
malloc
mbstowcs

certcli

CASetCertTypeProperty
CACreateCertType
CACertTypeSetSecurity
CASetCertTypeKeySpec
CAGetCertTypeFlags
CAFreeCertTypeExtensions
CAGetCertTypeKeySpec
CARemoveCACertificateType
CAEnumNextCertType
CAGetCertTypePropertyEx
CAEnumCertTypes
CASetCertTypeExtension
CAGetCertTypeProperty
CASetCertTypeFlags
CAFindCertTypeByName
CAUpdateCA
CAUpdateCertType
CAGetCertTypeExtensions
CAEnumCertTypesForCA
CACertTypeGetSecurity
CACloseCertType
CAGetCAProperty
CAAddCACertificateType
CAFreeCertTypeProperty
CACloseCA
CAFreeCAProperty
CAFindByName

advapi32

RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2d1f338da2c60675db06106975f3669

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

certcli

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 77KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 77KB

.rsrc
Size: 24KB - Virtual size: 24KB