10b4cbbafdd983b5e6f0dd903679331337cfc17808a955f22eef1b337349bb20

Sharing

Copy URL Twitter E-mail

General

Target

10b4cbbafdd983b5e6f0dd903679331337cfc17808a955f22eef1b337349bb20
Size

102KB
MD5

326ed0bdc8a8e3c1c06a17ab880747a7
SHA1

819632ea1fade096e6e197cf98e3ab6b5e964440
SHA256

10b4cbbafdd983b5e6f0dd903679331337cfc17808a955f22eef1b337349bb20
SHA512

430b5d7622d2055c32df2a88094d628afefe1ec9328f2cc986d2436e4306f7c14eca030b3f58913fa9769f8bbbe93a13116d124cd9ec498bb09462d4b46bbe88
SSDEEP

1536:7BjSSc2TaDpjR6GhL8bqbYJ5tVc92/EhMMMhCcH4DpbZ4:ljSWsb6GKOC5tVQncH4Dp14

Score

N/A

Malware Config

Signatures

Files

10b4cbbafdd983b5e6f0dd903679331337cfc17808a955f22eef1b337349bb20
.exe windows x86

6c25bae0e114a51d6b27d8017aa0174a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CASetCertTypeFlags
CAFindByName
CAFreeCAProperty
CAUpdateCA
CAFreeCertTypeExtensions
CAGetCertTypePropertyEx
CACertTypeSetSecurity
CAEnumCertTypes
CASetCertTypeKeySpec
CAGetCAProperty
CACloseCertType
CASetCertTypeProperty
CACertTypeGetSecurity
CAGetCertTypeFlags
CAEnumNextCertType
CAFindCertTypeByName
CACreateCertType
CAFreeCertTypeProperty
CARemoveCACertificateType
CAAddCACertificateType
CAUpdateCertType
CAGetCertTypeExtensions
CAGetCertTypeProperty
CASetCertTypeExtension
CACloseCA
CAEnumCertTypesForCA
CAGetCertTypeKeySpec

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW

msvcrt

mbstowcs
_wcsicmp
vswprintf
_onexit
wcschr
__dllonexit
wcstoul
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_wcsupr
??2@YAPAXI@Z
wcsstr
?terminate@@YAXXZ
_purecall
free
_initterm
wcscmp
malloc
__RTDynamicCast
wcsrchr
_adjust_fdiv
wcslen
wcscat
wcscpy
memmove
_except_handler3

user32

EnableWindow
LoadBitmapW
ReleaseDC
GetParent
LoadImageW
SendMessageW
PostMessageW
SendDlgItemMessageW
LoadCursorW
GetDC
LoadIconW
WinHelpW
SetCursor
SetWindowLongW
RegisterClipboardFormatW
GetDlgItem
wsprintfW
MessageBoxW
EndDialog
LoadStringW
InsertMenuItemW
DialogBoxParamW
SetFocus
SystemParametersInfoW
GetWindowLongW
SetWindowTextW
SetDlgItemTextW
GetDlgItemTextA

kernel32

DeleteCriticalSection
GetACP
GetSystemWindowsDirectoryW
FileTimeToSystemTime
CloseHandle
GetEnvironmentStringsW
GetComputerNameW
SetUnhandledExceptionFilter
GetSystemDefaultLangID
lstrlenW
InterlockedDecrement
GlobalUnlock
LoadLibraryW
GetModuleFileNameW
GetSystemTimeAsFileTime
LocalReAlloc
OutputDebugStringA
InitializeCriticalSection
FormatMessageW
GlobalFree
lstrcpyW
QueryPerformanceCounter
CreateFileW
WideCharToMultiByte
InterlockedIncrement
IsBadReadPtr
LocalFree
FileTimeToLocalFileTime
GetModuleHandleA
RemoveDirectoryA
SetLastError
GetLastError
OutputDebugStringW
GlobalAlloc
GetStartupInfoA
GetCurrentProcess
GlobalLock
GetTickCount
lstrcmpiW
GetDateFormatW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c25bae0e114a51d6b27d8017aa0174a

Headers

File Characteristics

Imports

certcli

advapi32

msvcrt

user32

kernel32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 100KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 100KB

.rsrc
Size: 25KB - Virtual size: 24KB