1e1cd659fb0369213672e3525da6f87d78c9336050a336cc710dbde4823d6276

Sharing

Copy URL Twitter E-mail

General

Target

1e1cd659fb0369213672e3525da6f87d78c9336050a336cc710dbde4823d6276
Size

102KB
MD5

61306580e6e1eec1534ba47bb2fa184a
SHA1

881a1caf9e0a02f8f761920dde4c63e1e3e74b45
SHA256

1e1cd659fb0369213672e3525da6f87d78c9336050a336cc710dbde4823d6276
SHA512

cde8a39fffb167fc8e951aa7e487a30e19bf0efb548c230bd58ef436f16610d7ef3db28bd446bf26f8a7f8432b616e233673a2889008c2450f7564d64b07daa5
SSDEEP

3072:bGYgtZTuXdEVdvTFMmhsFry+U+Yym+1ZSUFCkQJ:KYuqXdEVdbFfGy+hZStkQ

Score

N/A

Malware Config

Signatures

Files

1e1cd659fb0369213672e3525da6f87d78c9336050a336cc710dbde4823d6276
.exe windows x86

4357c1b92e04e8929fe16d76e0e93787

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GetEnvironmentStringsW
DeleteCriticalSection
CloseHandle
OutputDebugStringW
WideCharToMultiByte
FileTimeToSystemTime
SetUnhandledExceptionFilter
SetLastError
LocalReAlloc
IsBadReadPtr
CreateFileW
RemoveDirectoryA
GetCurrentProcess
LoadLibraryW
GetSystemWindowsDirectoryW
GetLastError
GetCPInfo
FileTimeToLocalFileTime
InterlockedDecrement
GetSystemDefaultLangID
FormatMessageW
lstrcpyW
GetModuleFileNameW
GlobalLock
GetSystemTimeAsFileTime
lstrcmpiW
InitializeCriticalSection
GetTickCount
GetModuleHandleA
QueryPerformanceCounter
GetComputerNameW
GetStartupInfoA
lstrlenW
GlobalFree
OutputDebugStringA
GetDateFormatW
GlobalAlloc
LocalFree
GlobalUnlock
GetProcAddress

msvcrt

wcscmp
wcschr
_initterm
_except_handler3
wcsrchr
_onexit
__RTDynamicCast
wcslen
_wcsupr
?terminate@@YAXXZ
_adjust_fdiv
vswprintf
malloc
__dllonexit
wcscat
wcsstr
wcstoul
memmove
mbstowcs
wcscpy
_wcsicmp
free
??3@YAXPAX@Z
??1type_info@@UAE@XZ
??2@YAPAXI@Z

certcli

CAGetCertTypeExtensions
CAAddCACertificateType
CACloseCA
CASetCertTypeKeySpec
CACertTypeSetSecurity
CAGetCertTypeFlags
CACertTypeGetSecurity
CACreateCertType
CACloseCertType
CAGetCertTypeKeySpec
CAFindByName
CAFreeCAProperty
CASetCertTypeExtension
CAUpdateCertType
CAGetCertTypePropertyEx
CAEnumCertTypes
CASetCertTypeProperty
CAEnumCertTypesForCA
CAEnumNextCertType
CAUpdateCA
CAGetCertTypeProperty
CAFreeCertTypeExtensions
CARemoveCACertificateType
CAFreeCertTypeProperty
CAFindCertTypeByName
CASetCertTypeFlags
CAGetCAProperty

user32

MessageBoxW
GetDlgItem
ReleaseDC
LoadIconW
SetWindowTextW
RegisterClipboardFormatW
SetWindowLongW
GetDlgItemTextA
WinHelpW
SetFocus
PostMessageW
LoadStringW
SystemParametersInfoW
LoadImageW
SendMessageW
LoadCursorW
SetCursor
SendDlgItemMessageW
EnableWindow
wsprintfW
InsertMenuItemW
LoadBitmapW
GetWindowLongW
DialogBoxParamW
SetDlgItemTextW
EndDialog
GetParent
GetDC

advapi32

RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4357c1b92e04e8929fe16d76e0e93787

Headers

File Characteristics

Imports

kernel32

msvcrt

certcli

user32

advapi32

comctl32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 116KB

.rsrc Size: 26KB - Virtual size: 25KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 116KB

.rsrc
Size: 26KB - Virtual size: 25KB