af911852abd184f3fde9ba8eb599b62990dcae9770bd340f1a81d08b414907d9

Sharing

Copy URL Twitter E-mail

General

Target

af911852abd184f3fde9ba8eb599b62990dcae9770bd340f1a81d08b414907d9
Size

104KB
MD5

391b0d219e45c824e9898561fb101908
SHA1

25429232b1eee10761e19348ac2e69c4fa39dfcf
SHA256

af911852abd184f3fde9ba8eb599b62990dcae9770bd340f1a81d08b414907d9
SHA512

d5cc330387f9fed8d783e366b63cca04f64a2dddf37b251c8213b02133cdac9395200b7110806f8baef3ead97d4dea52ed47d6226182ddd9611889f2aeabb084
SSDEEP

3072:bln4THb0eVuCCmFtDppFLAfKNmEB4taPjI:bx0hVdCcNfLJB4Kc

Score

N/A

Malware Config

Signatures

Files

af911852abd184f3fde9ba8eb599b62990dcae9770bd340f1a81d08b414907d9
.exe windows x86

238f687c8bfb6fecfc97013f025c9128

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__RTDynamicCast
_except_handler3
mbstowcs
wcstoul
vswprintf
memmove
_initterm
wcscat
free
??3@YAXPAX@Z
_wcsicmp
_purecall
wcslen
_adjust_fdiv
??1type_info@@UAE@XZ
wcsstr
_onexit
__dllonexit
wcscpy
wcsrchr
?terminate@@YAXXZ
wcscmp
malloc
_wcsupr
wcschr
??2@YAPAXI@Z

kernel32

lstrcmpiW
lstrlenW
CloseHandle
lstrcpyW
GlobalAlloc
CreateFileW
GetTickCount
GetStartupInfoA
GetLastError
DeleteCriticalSection
SetLastError
OutputDebugStringA
GetModuleFileNameW
GetModuleHandleA
SetUnhandledExceptionFilter
WideCharToMultiByte
GlobalFree
LoadLibraryW
GetSystemWindowsDirectoryW
RemoveDirectoryA
OutputDebugStringW
LocalFree
QueryPerformanceCounter
FileTimeToLocalFileTime
LocalReAlloc
GetACP
GetComputerNameW
GetSystemDefaultLangID
FormatMessageW
FileTimeToSystemTime
GlobalUnlock
InterlockedIncrement
InitializeCriticalSection
GetDateFormatW
InterlockedDecrement
GetCurrentProcess
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GlobalLock
IsBadReadPtr

user32

DialogBoxParamW
RegisterClipboardFormatW
LoadBitmapW
WinHelpW
LoadCursorW
SystemParametersInfoW
GetDlgItemTextA
SendDlgItemMessageW
GetDlgItem
EnableWindow
LoadIconW
SetWindowLongW
wsprintfW
MessageBoxW
SetDlgItemTextW
PostMessageW
GetParent
SetFocus
LoadStringW
GetDC
SetWindowTextW
EndDialog
InsertMenuItemW
SendMessageW
GetWindowLongW
ReleaseDC
LoadImageW
SetCursor

certcli

CAGetCertTypeKeySpec
CAGetCAProperty
CAGetCertTypePropertyEx
CAUpdateCA
CACloseCA
CAFreeCertTypeExtensions
CAFindCertTypeByName
CAAddCACertificateType
CAUpdateCertType
CASetCertTypeProperty
CAGetCertTypeFlags
CAFreeCAProperty
CACloseCertType
CACreateCertType
CASetCertTypeFlags
CAEnumCertTypesForCA
CAEnumNextCertType
CAGetCertTypeExtensions
CACertTypeGetSecurity
CAFindByName
CAEnumCertTypes
CAFreeCertTypeProperty
CASetCertTypeExtension
CASetCertTypeKeySpec
CACertTypeSetSecurity
CARemoveCACertificateType
CAGetCertTypeProperty

advapi32

RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

238f687c8bfb6fecfc97013f025c9128

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

certcli

advapi32

comctl32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 98KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 98KB

.rsrc
Size: 25KB - Virtual size: 24KB