a5582eef13cc81b117fc418a552b3a62491bb3954048c62fc19812143111b1b4

Sharing

Copy URL Twitter E-mail

General

Target

a5582eef13cc81b117fc418a552b3a62491bb3954048c62fc19812143111b1b4
Size

101KB
MD5

a22a8cdf39f5db926a63ae4ec9b05f6a
SHA1

f59d2198905188b8ea51c482386b1a9e4d826a00
SHA256

a5582eef13cc81b117fc418a552b3a62491bb3954048c62fc19812143111b1b4
SHA512

b1e7dcd88cdfc3299a55ad30399889b07ab162ef921e3df9a7faef48191c2148c78265999f97f4dcc23bf68e6f959393f98e34304546afd3a03c857abfe706e2
SSDEEP

3072:KzwwM5HJOVcdcFzI6m8OarbLe5VtnPH+:RzZJsNzI6m8OarbLe5Vtv+

Score

N/A

Malware Config

Signatures

Files

a5582eef13cc81b117fc418a552b3a62491bb3954048c62fc19812143111b1b4
.exe windows x86

b13f77618ede8484c585a1765d136bb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

mbstowcs
wcsrchr
wcscat
_wcsupr
_except_handler3
vswprintf
wcsstr
wcstoul
malloc
_wcsicmp
wcscmp
free
_onexit
?terminate@@YAXXZ
wcscpy
wcschr
??2@YAPAXI@Z
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__RTDynamicCast
memmove
wcslen
__dllonexit

user32

SetWindowTextW
SendDlgItemMessageW
wsprintfW
SetCursor
MessageBoxW
SetDlgItemTextW
DialogBoxParamW
LoadCursorW
EnableWindow
LoadIconW
GetWindowLongW
SendMessageW
SetFocus
ReleaseDC
WinHelpW
PostMessageW
SetWindowLongW
RegisterClipboardFormatW
GetDlgItem
LoadStringW
GetDC
GetDlgItemTextA
EndDialog
InsertMenuItemW
GetParent
LoadImageW
SystemParametersInfoW
LoadBitmapW

kernel32

GetLastError
QueryPerformanceCounter
OutputDebugStringA
GetEnvironmentStringsW
GetStartupInfoA
GlobalLock
InterlockedIncrement
LocalReAlloc
lstrcpyW
lstrlenW
GetTickCount
GetSystemWindowsDirectoryW
GetModuleHandleA
GlobalAlloc
GlobalUnlock
CloseHandle
DeleteCriticalSection
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetProcAddress
InterlockedDecrement
GlobalFree
LocalFree
WideCharToMultiByte
OutputDebugStringW
GetCPInfo
GetSystemDefaultLangID
GetDateFormatW
InitializeCriticalSection
GetComputerNameW
GetCurrentProcess
LoadLibraryW
SetLastError
GetModuleFileNameW
CreateFileW
FormatMessageW
lstrcmpiW
SetUnhandledExceptionFilter
GetCurrentThread
FileTimeToLocalFileTime
IsBadReadPtr

advapi32

RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW

certcli

CAEnumCertTypes
CAEnumNextCertType
CASetCertTypeExtension
CAGetCertTypePropertyEx
CAUpdateCA
CAGetCertTypeProperty
CACertTypeGetSecurity
CASetCertTypeProperty
CAFindByName
CAFindCertTypeByName
CAGetCAProperty
CACertTypeSetSecurity
CAGetCertTypeExtensions
CAGetCertTypeFlags
CACreateCertType
CASetCertTypeKeySpec
CAEnumCertTypesForCA
CAFreeCAProperty
CAGetCertTypeKeySpec
CAFreeCertTypeProperty
CAAddCACertificateType
CAFreeCertTypeExtensions
CARemoveCACertificateType
CASetCertTypeFlags
CACloseCertType
CAUpdateCertType
CACloseCA

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b13f77618ede8484c585a1765d136bb8

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

advapi32

certcli

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 124KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 124KB

.rsrc
Size: 23KB - Virtual size: 22KB