b9192bab0ea599173dbc21ac802e1423b5226fff800189cc60fdaf0ea89a9812

Sharing

Copy URL

Twitter E-mail

General

Target

b9192bab0ea599173dbc21ac802e1423b5226fff800189cc60fdaf0ea89a9812
Size

101KB
MD5

a635b7365bee741a67dd99a478924f6f
SHA1

5470cec7d7ebc01d7391ba23aa246b497cf15d05
SHA256

b9192bab0ea599173dbc21ac802e1423b5226fff800189cc60fdaf0ea89a9812
SHA512

54184270c557249417c4e48be94c69588da4c2f80ea434ae9d19b812083ddb7717d59460edc1c6358afc60fb12cecd35474891b4886da94f4df492eaf2678053
SSDEEP

1536:XI7Ydarj16jvjUtdtft/Y71j0pSGtL/hm1lJSfQPnHY2ZXO0w:XIwaPMjwz/kF0pPtTQ1cQPHYuJ

Score

N/A

Malware Config

Signatures

Files

b9192bab0ea599173dbc21ac802e1423b5226fff800189cc60fdaf0ea89a9812
.exe windows x86

e8a78d9e57603350a95fd4d82c8ef714

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW

kernel32

GetLastError
SetUnhandledExceptionFilter
CreateFileW
QueryPerformanceCounter
GlobalUnlock
lstrcpyW
GlobalAlloc
GetStartupInfoA
WideCharToMultiByte
FileTimeToLocalFileTime
GetEnvironmentStringsW
CloseHandle
RemoveDirectoryA
InitializeCriticalSection
GetCPInfo
LocalFree
GlobalLock
FormatMessageW
OutputDebugStringW
LoadLibraryW
OutputDebugStringA
InterlockedDecrement
GetComputerNameW
LocalReAlloc
GetModuleHandleA
GetSystemDefaultLangID
lstrlenW
lstrcmpiW
IsBadReadPtr
GetSystemTimeAsFileTime
GetDateFormatW
GetTickCount
FileTimeToSystemTime
DeleteCriticalSection
InterlockedIncrement
GetCurrentProcess
GetSystemWindowsDirectoryW
GetProcAddress
GlobalFree
GetModuleFileNameW
SetLastError

msvcrt

malloc
_adjust_fdiv
??2@YAPAXI@Z
_initterm
_except_handler3
_wcsicmp
wcsrchr
_onexit
vswprintf
__RTDynamicCast
free
wcscmp
??1type_info@@UAE@XZ
_wcsupr
??3@YAXPAX@Z
wcscat
?terminate@@YAXXZ
wcsstr
wcslen
__dllonexit
wcschr
wcscpy
mbstowcs
memmove
wcstoul

certcli

CASetCertTypeExtension
CAFindCertTypeByName
CACertTypeGetSecurity
CARemoveCACertificateType
CAGetCAProperty
CAEnumCertTypes
CAFreeCertTypeProperty
CAFindByName
CAGetCertTypeFlags
CAUpdateCertType
CASetCertTypeProperty
CAGetCertTypeKeySpec
CAGetCertTypePropertyEx
CASetCertTypeKeySpec
CACertTypeSetSecurity
CAAddCACertificateType
CASetCertTypeFlags
CAFreeCertTypeExtensions
CAEnumCertTypesForCA
CAGetCertTypeProperty
CAGetCertTypeExtensions
CACloseCA
CACloseCertType
CAEnumNextCertType
CACreateCertType
CAUpdateCA
CAFreeCAProperty

user32

PostMessageW
RegisterClipboardFormatW
GetWindowLongW
GetParent
DialogBoxParamW
ReleaseDC
LoadStringW
SystemParametersInfoW
SendMessageW
GetDlgItemTextA
LoadImageW
SetWindowLongW
SetWindowTextW
LoadCursorW
SetDlgItemTextW
SetFocus
WinHelpW
EndDialog
InsertMenuItemW
SendDlgItemMessageW
MessageBoxW
GetDlgItem
LoadBitmapW
SetCursor
wsprintfW
GetDC
EnableWindow
LoadIconW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8a78d9e57603350a95fd4d82c8ef714

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

certcli

user32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 71KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 71KB

.rsrc
Size: 23KB - Virtual size: 23KB