b1ee9a9b73f6b822f9e6a095518ae621d11dca48184fbfb0e0cdcbaa9827b03f

Sharing

Copy URL Twitter E-mail

General

Target

b1ee9a9b73f6b822f9e6a095518ae621d11dca48184fbfb0e0cdcbaa9827b03f
Size

99KB
MD5

4403dc6215dd6c6f9e2c5ad0d0cdc74e
SHA1

9e3352fda850e982c0571003ca6af134c313f129
SHA256

b1ee9a9b73f6b822f9e6a095518ae621d11dca48184fbfb0e0cdcbaa9827b03f
SHA512

a7133a10fb272276a2d2fd878a74dd4b6b127143d14e8659a6e3d231e8918be6b4a1bd89a11a3b13d45560a21299c3bfbb366bf7184c05dd20c664ab024d14a4
SSDEEP

1536:5aPF1FeWQeGfd4sZHi6fhAQ+6Jl2WjyR86i2co8iVs/5PfngmwmDtKfMZ:SeW+astioh9JyRA278j4mwRfM

Score

N/A

Malware Config

Signatures

Files

b1ee9a9b73f6b822f9e6a095518ae621d11dca48184fbfb0e0cdcbaa9827b03f
.exe windows x86

b1c85418bf6f5786455691f66d18cc92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

mbstowcs
wcscat
wcslen
_onexit
wcsstr
wcsrchr
wcscmp
??1type_info@@UAE@XZ
_adjust_fdiv
__dllonexit
free
_purecall
memmove
??3@YAXPAX@Z
_initterm
vswprintf
malloc
wcscpy
_wcsupr
_wcsicmp
__RTDynamicCast
?terminate@@YAXXZ
_except_handler3
wcstoul
??2@YAPAXI@Z
wcschr

certcli

CASetCertTypeProperty
CACertTypeGetSecurity
CARemoveCACertificateType
CAEnumNextCertType
CACloseCertType
CASetCertTypeExtension
CAFindByName
CAGetCertTypeKeySpec
CAAddCACertificateType
CASetCertTypeKeySpec
CAEnumCertTypes
CACertTypeSetSecurity
CAGetCertTypeProperty
CAGetCertTypeExtensions
CACloseCA
CASetCertTypeFlags
CAGetCertTypePropertyEx
CAGetCAProperty
CAFreeCertTypeProperty
CAFreeCAProperty
CAFindCertTypeByName
CAEnumCertTypesForCA
CACreateCertType
CAGetCertTypeFlags
CAUpdateCertType
CAFreeCertTypeExtensions
CAUpdateCA

user32

LoadImageW
SetCursor
ReleaseDC
SetWindowTextW
DialogBoxParamW
SystemParametersInfoW
SetWindowLongW
EndDialog
LoadCursorW
InsertMenuItemW
wsprintfW
RegisterClipboardFormatW
GetDC
SetFocus
WinHelpW
GetDlgItem
SetDlgItemTextW
GetParent
LoadIconW
SendMessageW
LoadBitmapW
GetDlgItemTextA
GetWindowLongW
EnableWindow
SendDlgItemMessageW
LoadStringW
MessageBoxW
PostMessageW

kernel32

InterlockedIncrement
LoadLibraryW
FileTimeToLocalFileTime
WideCharToMultiByte
IsBadReadPtr
GetDateFormatW
GlobalAlloc
GetComputerNameW
GetModuleFileNameW
LocalFree
lstrcmpiW
GetCurrentProcess
GlobalLock
QueryPerformanceCounter
GetTickCount
LocalReAlloc
lstrcpyW
GetEnvironmentStringsW
GlobalFree
FileTimeToSystemTime
GetSystemWindowsDirectoryW
RemoveDirectoryA
InterlockedDecrement
GetACP
GetSystemDefaultLangID
SetUnhandledExceptionFilter
GetStartupInfoA
FormatMessageW
OutputDebugStringA
InitializeCriticalSection
GetSystemTimeAsFileTime
GetLastError
CloseHandle
GlobalUnlock
SetLastError
CreateFileW
lstrlenW
DeleteCriticalSection
OutputDebugStringW
GetModuleHandleA

advapi32

RegQueryValueExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1c85418bf6f5786455691f66d18cc92

Headers

File Characteristics

Imports

msvcrt

certcli

user32

kernel32

advapi32

gdi32

comctl32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 123KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 123KB

.rsrc
Size: 23KB - Virtual size: 23KB