Static task: static1
Behavioral task: behavioral1
Sample: ChromePassDecrypter.exe
Resource: win10v2004-20220812-en
General
Target: ChromePassDecrypter.exe
Size: 7.9MB
MD5: 6b0b35103aa1a805fe9ebbd7be1e3958
SHA1: be0a0475cb7706eae37d503bfa0fc6eddeca9654
SHA256: f89c076128406c96276b8a872501c777f953bbc4f2f2f05d7814ed290f0b2cc6
SHA512: 9e14ce3483428bd3322bcc08c04b427284b50054c9dd895d13aef936cb60f07375a8a6b74aa2875130f1e8604fb8f53e5f3e1d6309063e9bd1bb9904350d2a83
SSDEEP: 196608:dMztiNQZdUp1Q2bIcS/Ksr5BIJvKPNJNswxBxDRJ6F8BfR/m9NijuuDGZRoeFPjr:KiDp1mUCJ336F8BJ/CcNClXthca7mc8s
Malware Config
Signatures
Files
ChromePassDecrypter.exe.exe windows x86
fd372454d1969a3119d76599c26ad169
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
RegCloseKey
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW
RegEnumKeyExA
RegEnumKeyExW
RegEnumValueA
RegEnumValueW
RegFlushKey
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
comdlg32
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
gdi32
AbortDoc
BeginPath
BitBlt
CloseFigure
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDCW
CreateDIBSection
CreateEllipticRgn
CreateFontIndirectA
CreateFontIndirectW
CreatePalette
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
EndDoc
EndPage
EndPath
EnumFontFamiliesExA
EnumFontFamiliesExW
EqualRgn
ExtCreateRegion
ExtTextOutW
FillPath
GdiFlush
GetBkMode
GetCharABCWidthsA
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetDIBits
GetDeviceCaps
GetFontData
GetGlyphOutlineA
GetGlyphOutlineW
GetNearestPaletteIndex
GetObjectA
GetObjectW
GetOutlineTextMetricsA
GetPaletteEntries
GetRegionData
GetRgnBox
GetStockObject
GetTextCharsetInfo
GetTextExtentPoint32W
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
LineTo
MoveToEx
OffsetRgn
PolyBezierTo
PtInRegion
RealizePalette
RectInRegion
ResetDCA
ResetDCW
RestoreDC
SaveDC
SelectClipPath
SelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetGraphicsMode
SetPolyFillMode
SetTextAlign
SetTextColor
SetWorldTransform
StartDocA
StartDocW
StartPage
StretchBlt
StrokePath
TextOutA
TextOutW
imm32
ImmAssociateContext
ImmGetCompositionStringA
ImmGetCompositionStringW
ImmGetContext
ImmGetDefaultIMEWnd
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionFontA
ImmSetCompositionFontW
ImmSetCompositionWindow
kernel32
AddAtomA
AreFileApisANSI
CloseHandle
CompareStringA
CompareStringW
CopyFileA
CopyFileW
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateProcessA
CreateProcessW
CreateSemaphoreA
CreateSemaphoreW
DeleteCriticalSection
DeleteFileA
DeleteFileW
DuplicateHandle
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FileTimeToSystemTime
FindAtomA
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeLibrary
GetAtomNameA
GetCommandLineA
GetCommandLineW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetDriveTypeA
GetDriveTypeW
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDrives
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProfileStringA
GetProfileStringW
GetStartupInfoA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetThreadPriority
GetTickCount
GetTimeFormatA
GetTimeFormatW
GetUserDefaultLCID
GetUserDefaultLangID
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GlobalAlloc
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsDBCSLeadByteEx
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalFree
LockFile
LockFileEx
MapViewOfFile
MoveFileA
MoveFileW
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
ReadFile
ReleaseSemaphore
RemoveDirectoryA
RemoveDirectoryW
ResetEvent
ResumeThread
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnlockFile
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile
lstrcmpW
msvcrt
_close
_getpid
_putenv
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_access
_assert
_beginthread
_beginthreadex
_cexit
_chmod
_clearfp
_close
_control87
_endthreadex
_errno
_filelengthi64
_flushall
_fstati64
_get_osfhandle
_getdcwd
_getdrive
_iob
_isctype
_lseeki64
_onexit
_open_osfhandle
_pctype
_read
_setjmp
_setmode
_stati64
_tzname
_tzset
_vsnprintf
_waccess
_wchmod
_wgetdcwd
_write
abort
acos
atan
atan2
atexit
atoi
bsearch
calloc
ceil
cos
fclose
fflush
fgetpos
fgets
floor
fopen
fprintf
fputc
fread
free
fsetpos
ftell
fwrite
getenv
gmtime
localeconv
localtime
log
log10
longjmp
malloc
memchr
memcpy
memmove
memset
mktime
pow
rand
realloc
remove
signal
sin
sqrt
srand
sscanf
strchr
strcmp
strcpy
strlen
strncmp
strncpy
strrchr
strstr
strtod
tan
tolower
toupper
wcslen
wcsrchr
ole32
CoCreateGuid
CoCreateInstance
CoGetMalloc
CoInitialize
CoLockObjectExternal
CoTaskMemFree
CoUninitialize
DoDragDrop
OleFlushClipboard
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleSetClipboard
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StringFromGUID2
oleaut32
SysAllocStringByteLen
VariantInit
shell32
SHBrowseForFolderA
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListA
ShellExecuteA
ShellExecuteW
user32
AdjustWindowRectEx
BeginPaint
CallNextHookEx
ChangeClipboardChain
CharNextExA
ClientToScreen
ClipCursor
CreateCaret
CreateCursor
CreateIconIndirect
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DestroyCaret
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawIconEx
EnableMenuItem
EndPaint
GetActiveWindow
GetCaretBlinkTime
GetClassInfoA
GetClassInfoW
GetClientRect
GetClipboardFormatNameA
GetClipboardFormatNameW
GetCursorPos
GetDC
GetDesktopWindow
GetDoubleClickTime
GetFocus
GetIconInfo
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardState
GetMenu
GetMessageA
GetMessageW
GetParent
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetUpdateRect
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowRgn
HideCaret
InvalidateRect
InvalidateRgn
IsChild
IsIconic
IsWindowVisible
IsZoomed
KillTimer
LoadCursorA
LoadCursorW
LoadIconA
LoadIconW
LoadImageW
MapVirtualKeyA
MapVirtualKeyW
MessageBeep
MoveWindow
MsgWaitForMultipleObjectsEx
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterClipboardFormatW
RegisterWindowMessageA
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
ScrollWindowEx
SendMessageA
SendMessageW
SetCapture
SetCaretBlinkTime
SetCaretPos
SetClipboardViewer
SetCursor
SetCursorPos
SetDoubleClickTime
SetFocus
SetForegroundWindow
SetMenuItemInfoW
SetParent
SetRect
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowTextW
SetWindowsHookExA
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
ToAscii
ToUnicode
TrackPopupMenuEx
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRgn
WindowFromPoint
winmm
PlaySoundA
PlaySoundW
winspool.drv
ClosePrinter
DeviceCapabilitiesA
DeviceCapabilitiesW
EnumFormsW
EnumPrintersA
EnumPrintersW
GetPrinterA
GetPrinterW
OpenPrinterA
OpenPrinterW
ws2_32
WSAAsyncSelect
crypt32
CryptUnprotectData
Sections
.text Size: 6.8MB - Virtual size: 6.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 39KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE