9ff9ef28896bff46e8439b8a9b257fc396d31b8eb07f9a61753b9d9a37e87822

Sharing

Copy URL

Twitter E-mail

General

Target

9ff9ef28896bff46e8439b8a9b257fc396d31b8eb07f9a61753b9d9a37e87822
Size

99KB
MD5

be313a53e96e1b17b88908a39482920e
SHA1

f0c07a7b64b112b45ab41b9d2c2e2456340480b9
SHA256

9ff9ef28896bff46e8439b8a9b257fc396d31b8eb07f9a61753b9d9a37e87822
SHA512

1ecaf5a0515d8b31faaf27c139328d2b684958f2b8dd8e4047809cad98776f10be14be9a9a2345158d821194c8021f97eb4bbe1093705da698b57b75362ced48
SSDEEP

1536:3jAhGD2ijgORNMmTY8gltBEBfIpTNF7lkiz2Ip1WAmkdgBNo:XbjgWdY8gfyyTr6iSy1jDW

Score

N/A

Malware Config

Signatures

Files

9ff9ef28896bff46e8439b8a9b257fc396d31b8eb07f9a61753b9d9a37e87822
.exe windows x86

a6741f0df74e50796c3abe4e731a5116

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

?terminate@@YAXXZ
wcscat
free
wcstoul
_except_handler3
_wcsicmp
??1type_info@@UAE@XZ
wcscpy
__dllonexit
wcschr
wcslen
malloc
_adjust_fdiv
??3@YAXPAX@Z
wcsrchr
_initterm
vswprintf
wcscmp
_wcsupr
??2@YAPAXI@Z
__RTDynamicCast
wcsstr
mbstowcs
memmove
_onexit

kernel32

OutputDebugStringA
GetCurrentProcess
GetModuleHandleA
InterlockedDecrement
GetDateFormatW
GetTickCount
GlobalUnlock
IsBadReadPtr
GetSystemTimeAsFileTime
OutputDebugStringW
RemoveDirectoryA
GetSystemWindowsDirectoryW
FileTimeToLocalFileTime
GetModuleFileNameW
DeleteCriticalSection
GetProcAddress
GetStartupInfoA
GlobalFree
SetUnhandledExceptionFilter
CreateFileW
GetLastError
lstrcmpiW
GlobalLock
QueryPerformanceCounter
GlobalAlloc
InitializeCriticalSection
WideCharToMultiByte
GetSystemDefaultLangID
FormatMessageW
GetEnvironmentStringsW
FileTimeToSystemTime
SetLastError
lstrlenW
GetComputerNameW
LocalReAlloc
lstrcpyW
LoadLibraryW
GetCPInfo
CloseHandle
InterlockedIncrement
LocalFree

certcli

CACertTypeSetSecurity
CACloseCA
CASetCertTypeExtension
CACreateCertType
CAEnumCertTypesForCA
CAFreeCertTypeExtensions
CAGetCertTypeFlags
CAGetCertTypeKeySpec
CACertTypeGetSecurity
CARemoveCACertificateType
CAAddCACertificateType
CASetCertTypeFlags
CACloseCertType
CAEnumCertTypes
CAFreeCAProperty
CAGetCertTypeExtensions
CAGetCertTypeProperty
CAFindCertTypeByName
CAUpdateCA
CAGetCertTypePropertyEx
CAUpdateCertType
CASetCertTypeKeySpec
CAFreeCertTypeProperty
CAEnumNextCertType
CAFindByName
CASetCertTypeProperty
CAGetCAProperty

user32

GetDlgItem
SetFocus
GetDC
LoadStringW
GetParent
LoadCursorW
LoadIconW
SendMessageW
PostMessageW
SetWindowLongW
GetWindowLongW
LoadBitmapW
wsprintfW
ReleaseDC
RegisterClipboardFormatW
SetWindowTextW
GetDlgItemTextA
MessageBoxW
DialogBoxParamW
SendDlgItemMessageW
LoadImageW
EndDialog
WinHelpW
SetCursor
SetDlgItemTextW
SystemParametersInfoW
EnableWindow
InsertMenuItemW

advapi32

RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6741f0df74e50796c3abe4e731a5116

Headers

File Characteristics

Imports

msvcrt

kernel32

certcli

user32

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 79KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 79KB

.rsrc
Size: 23KB - Virtual size: 22KB