6c10298211d348270ff65b41a0c9eb19f831c6bb09682688c893e4d02e17b3fb

Sharing

Copy URL Twitter E-mail

General

Target

6c10298211d348270ff65b41a0c9eb19f831c6bb09682688c893e4d02e17b3fb
Size

100KB
MD5

32cbc4ad88e758572752f13a99cc0c23
SHA1

d3ae6fcb1650222086422aa017b99e72097df781
SHA256

6c10298211d348270ff65b41a0c9eb19f831c6bb09682688c893e4d02e17b3fb
SHA512

4a3af74eeb55ec63cbf8f85ebff9fdd95b718b79c6056ebd91beec323f1b7eff2820023bb2b577d5969ab57497765939d6fc5d1f16aa357c4e3f6e6f16b77986
SSDEEP

3072:Kg8V5e6qsUKjfp9cXqOGreM4JhjK5pd2auiP:Ibe6qiLMXuHAh4p9

Score

N/A

Malware Config

Signatures

Files

6c10298211d348270ff65b41a0c9eb19f831c6bb09682688c893e4d02e17b3fb
.exe windows x86

176729e35643320d426bd390cc44f5dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CARemoveCACertificateType
CAGetCAProperty
CASetCertTypeExtension
CAGetCertTypeExtensions
CAGetCertTypeKeySpec
CAUpdateCA
CACertTypeGetSecurity
CACertTypeSetSecurity
CASetCertTypeProperty
CAAddCACertificateType
CASetCertTypeKeySpec
CAFindCertTypeByName
CAGetCertTypeFlags
CAEnumCertTypes
CAFreeCertTypeProperty
CAEnumNextCertType
CAGetCertTypeProperty
CAEnumCertTypesForCA
CAGetCertTypePropertyEx
CAUpdateCertType
CACreateCertType
CAFreeCAProperty
CASetCertTypeFlags
CACloseCA
CAFindByName
CACloseCertType
CAFreeCertTypeExtensions

comctl32

CreatePropertySheetPageW
PropertySheetW

user32

LoadIconW
GetDC
SetDlgItemTextW
MessageBoxW
SetWindowTextW
SendDlgItemMessageW
EnableWindow
WinHelpW
LoadImageW
GetParent
PostMessageW
LoadCursorW
GetDlgItem
RegisterClipboardFormatW
LoadBitmapW
SendMessageW
GetDlgItemTextA
GetWindowLongW
SetWindowLongW
SetFocus
SetCursor
ReleaseDC
LoadStringW
wsprintfW
InsertMenuItemW
EndDialog
SystemParametersInfoW
DialogBoxParamW

msvcrt

wcsstr
free
__RTDynamicCast
wcscpy
__dllonexit
wcstoul
_wcsupr
_except_handler3
malloc
_initterm
??3@YAXPAX@Z
??1type_info@@UAE@XZ
wcschr
mbstowcs
wcslen
vswprintf
wcscmp
??2@YAPAXI@Z
wcscat
?terminate@@YAXXZ
memmove
wcsrchr
_onexit
_wcsicmp
_adjust_fdiv

kernel32

GetComputerNameW
GetEnvironmentStringsW
CloseHandle
GlobalAlloc
CreateFileW
GetCurrentThread
InterlockedIncrement
LoadLibraryW
GetStartupInfoA
GetSystemWindowsDirectoryW
GetCurrentProcess
GetTickCount
GlobalFree
QueryPerformanceCounter
WideCharToMultiByte
InterlockedDecrement
GlobalLock
GetProcAddress
lstrlenW
GetModuleHandleA
FileTimeToLocalFileTime
GetDateFormatW
DeleteCriticalSection
SetUnhandledExceptionFilter
GetModuleFileNameW
LocalFree
OutputDebugStringW
lstrcmpiW
lstrcpyW
LocalReAlloc
GetCPInfo
IsBadReadPtr
GlobalUnlock
GetLastError
SetLastError
FormatMessageW
GetSystemTimeAsFileTime
OutputDebugStringA
FileTimeToSystemTime
InitializeCriticalSection
GetSystemDefaultLangID

advapi32

RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

176729e35643320d426bd390cc44f5dd

Headers

File Characteristics

Imports

certcli

comctl32

user32

msvcrt

kernel32

advapi32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 102KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 102KB

.rsrc
Size: 23KB - Virtual size: 23KB