bf550c299a37f36e996568ea3d32518cc949d297414261025fd445a7ce1c7592

Sharing

Copy URL Twitter E-mail

General

Target

bf550c299a37f36e996568ea3d32518cc949d297414261025fd445a7ce1c7592
Size

99KB
MD5

49032779a6177717e9f41de8573e1d44
SHA1

7b50039a1125a88cb7d6e6e419325e42d242917a
SHA256

bf550c299a37f36e996568ea3d32518cc949d297414261025fd445a7ce1c7592
SHA512

137da8dcffe9f9690084d8112e776df7284a29f3f05936033f367c69b8fd3db12ee0feb5f878b48357b3b58821539c3e2f0e3b2d6573d2cb49ae74b85096c06a
SSDEEP

3072:xMkRYRDmV7PFQR0wFUW/hpLjXeymrJGg3YP:VYFmV9QREW/h0NJGcYP

Score

N/A

Malware Config

Signatures

Files

bf550c299a37f36e996568ea3d32518cc949d297414261025fd445a7ce1c7592
.exe windows x86

987415402e8b0ebe25719ed00ab286ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

mbstowcs
free
_initterm
_onexit
memmove
vswprintf
wcschr
wcscpy
?terminate@@YAXXZ
malloc
_purecall
wcsrchr
__RTDynamicCast
__dllonexit
??3@YAXPAX@Z
??2@YAPAXI@Z
??1type_info@@UAE@XZ
wcstoul
_except_handler3
wcslen
_adjust_fdiv
_wcsupr
_wcsicmp
wcsstr
wcscmp
wcscat

user32

LoadCursorW
GetDlgItemTextA
SendDlgItemMessageW
GetDC
SetDlgItemTextW
GetDlgItem
SetFocus
wsprintfW
SetWindowTextW
SetWindowLongW
MessageBoxW
RegisterClipboardFormatW
WinHelpW
SetCursor
SystemParametersInfoW
LoadStringW
GetWindowLongW
PostMessageW
SendMessageW
LoadImageW
ReleaseDC
EnableWindow
GetParent
LoadBitmapW
DialogBoxParamW
InsertMenuItemW
LoadIconW
EndDialog

kernel32

InitializeCriticalSection
GetDateFormatW
GetComputerNameW
GlobalAlloc
InterlockedIncrement
GetLastError
RemoveDirectoryA
lstrcmpiW
OutputDebugStringW
LocalFree
GetModuleHandleA
SetLastError
GlobalUnlock
GetStartupInfoA
DeleteCriticalSection
SetUnhandledExceptionFilter
LoadLibraryW
InterlockedDecrement
GetACP
GlobalFree
FileTimeToLocalFileTime
lstrlenW
OutputDebugStringA
GetTickCount
GlobalLock
QueryPerformanceCounter
GetSystemWindowsDirectoryW
LocalReAlloc
FormatMessageW
CloseHandle
IsBadReadPtr
GetModuleFileNameW
lstrcpyW
FileTimeToSystemTime
GetEnvironmentStringsW
CreateFileW
WideCharToMultiByte
GetCurrentProcess
GetSystemDefaultLangID
GetSystemTimeAsFileTime

advapi32

RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW

certcli

CAGetCertTypeFlags
CAUpdateCA
CAFindByName
CAFreeCertTypeExtensions
CAGetCertTypePropertyEx
CASetCertTypeFlags
CACreateCertType
CAFreeCertTypeProperty
CASetCertTypeExtension
CAGetCertTypeProperty
CAFreeCAProperty
CAGetCertTypeKeySpec
CACertTypeSetSecurity
CACloseCertType
CASetCertTypeKeySpec
CAUpdateCertType
CACertTypeGetSecurity
CACloseCA
CAEnumNextCertType
CAGetCAProperty
CAAddCACertificateType
CAGetCertTypeExtensions
CARemoveCACertificateType
CAEnumCertTypes
CAEnumCertTypesForCA
CAFindCertTypeByName
CASetCertTypeProperty

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

987415402e8b0ebe25719ed00ab286ac

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

advapi32

certcli

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 114KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 114KB

.rsrc
Size: 23KB - Virtual size: 22KB