89b68d190315e6476b0a8b135e6e515ab931c10a

Sharing

Copy URL

Twitter E-mail

General

Target

89b68d190315e6476b0a8b135e6e515ab931c10a
Size

459KB
MD5

1edba8a76c4a327f6e0b81e85c14ede6
SHA1

89b68d190315e6476b0a8b135e6e515ab931c10a
SHA256

72c3a786661ee9742cf1d0e3b99b89e976911ed87971695f08487cf42d7fc29d
SHA512

3347452e348f52a17a787574136d8d0fccc70511205e47bd2fdc546718b87d22f9280621bc5a849c6b5834e1226a453ccc1657ff34f63877f052713ca9710562
SSDEEP

12288:/38LUKZp2WDqHIbwMUUjLZUJtUp23vqmkgB:/OTp2CqHczjlUJtUp23vtB

Score

10^/10

Malware Config

Signatures

Nirsoft 1 IoCs

resource	yara_rule
sample	Nirsoft

NirSoft WebBrowserPassView 1 IoCs

Password recovery tool for various web browsers

resource	yara_rule
sample	WebBrowserPassView

Files

89b68d190315e6476b0a8b135e6e515ab931c10a
.exe windows x86

53d7a472d17725cd3f06b8ab4297b1ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

comctl32

ImageList_Add
CreateStatusWindowW
ImageList_SetImageCount
ImageList_AddMasked
ImageList_Create
ord17
ImageList_ReplaceIcon
CreateToolbarEx

wininet

FindNextUrlCacheEntryW
FindCloseUrlCache
FindFirstUrlCacheEntryW

kernel32

ReadFile
GetModuleFileNameW
lstrlenW
FindResourceW
GlobalUnlock
LoadResource
GetTempPathW
SystemTimeToTzSpecificLocalTime
GlobalAlloc
LoadLibraryExW
GetSystemDirectoryW
FindNextFileW
GetFileTime
SizeofResource
FindClose
FormatMessageW
GlobalLock
GetWindowsDirectoryW
GetVersionExW
GetDateFormatW
DuplicateHandle
GetCurrentProcessId
OpenProcess
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
GetCurrentProcess
GetPrivateProfileStringW
WritePrivateProfileStringW
SetFilePointer
EnumResourceNamesW
GetStdHandle
ExitProcess
ReadProcessMemory
GetSystemTimeAsFileTime
Process32NextW
CreateToolhelp32Snapshot
Process32FirstW
EnumResourceTypesW
GetFullPathNameW
InitializeCriticalSection
GetFullPathNameA
CreateFileA
GetDiskFreeSpaceA
Sleep
GetSystemInfo
LeaveCriticalSection
SetEndOfFile
GetFileAttributesA
QueryPerformanceCounter
GetFileAttributesExW
DeleteCriticalSection
InterlockedCompareExchange
FlushFileBuffers
UnlockFile
LockFile
UnlockFileEx
GetTempPathA
FormatMessageA
LockFileEx
GetSystemTime
EnterCriticalSection
AreFileApisANSI
GetDiskFreeSpaceW
DeleteFileA
LockResource
GetModuleHandleA
GetStartupInfoW
GetFileAttributesW
FindFirstFileW
lstrcpyW
GetTimeFormatW
GetTempFileNameW
SetFilePointerEx
GetTickCount
GetModuleHandleW
FileTimeToSystemTime
LoadLibraryW
GetProcAddress
GetLastError
FreeLibrary
CompareFileTime
WideCharToMultiByte
WriteFile
GetFileSize
MultiByteToWideChar
CreateFileW
CopyFileW
LocalFree
DeleteFileW
FileTimeToLocalFileTime
CloseHandle
SetErrorMode
SystemTimeToFileTime
GetPrivateProfileIntW

user32

BeginDeferWindowPos
EndDeferWindowPos
KillTimer
GetMenuItemCount
CheckMenuRadioItem
CheckMenuItem
GetCursorPos
SetClipboardData
GetSubMenu
GetMenu
EnableWindow
MapWindowPoints
EmptyClipboard
EnableMenuItem
GetClassNameW
GetMenuStringW
OpenClipboard
CloseClipboard
MoveWindow
DialogBoxParamW
CreateDialogParamW
EnumChildWindows
LoadStringW
DestroyWindow
GetDesktopWindow
GetWindowTextW
LoadMenuW
ModifyMenuW
GetMenuItemInfoW
GetDlgCtrlID
DestroyMenu
RegisterWindowMessageW
TrackPopupMenu
PostQuitMessage
IsDialogMessageW
DrawTextExW
GetMessageW
DispatchMessageW
TranslateMessage
GetKeyState
MonitorFromWindow
GetMonitorInfoW
GetParent
SetFocus
GetWindowLongW
GetSysColor
LoadIconW
LoadImageW
SetMenu
SetWindowPlacement
TranslateAcceleratorW
MessageBoxW
RegisterClassW
PostMessageW
SendMessageW
DefWindowProcW
LoadAcceleratorsW
CreateWindowExW
DeferWindowPos
GetSystemMetrics
GetClientRect
BeginPaint
GetDlgItemTextW
SetDlgItemTextW
SetDlgItemInt
UpdateWindow
GetWindowPlacement
SetWindowTextW
DrawFrameControl
InvalidateRect
GetWindow
EndPaint
GetDlgItem
SetWindowLongW
EndDialog
SendDlgItemMessageW
GetDlgItemInt
GetWindowRect
ChildWindowFromPoint
LoadCursorW
SetCursor
ShowWindow
ReleaseDC
GetSysColorBrush
GetDC
SetWindowPos
SetTimer

gdi32

GetObjectW
GetPixel
SetPixel
SelectObject
CreateCompatibleDC
GetTextExtentPoint32W
GetStockObject
SetBkColor
CreateCompatibleBitmap
SetStretchBltMode
CreateFontIndirectW
StretchBlt
DeleteDC
GetDeviceCaps
SetBkMode
DeleteObject
SetTextColor

comdlg32

GetSaveFileNameW
FindTextW
GetOpenFileNameW

advapi32

RegSetValueExW
RegCloseKey
RegEnumValueW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteW
SHGetMalloc
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateGuid

msvcrt

memset
memcpy
_except_handler3
_controlfp
wcsrchr
_snwprintf
wcsncat
_wtoi
wcschr
_wcsicmp
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
_wcsnicmp
_wtoi64
_memicmp
wcstoul
modf
free
malloc
memmove
wcsncmp
_wcsupr
_strlwr
strchr
_wcslwr
_itow
_gmtime64
realloc
strftime
memchr
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_CIlog

Sections

.text
Size: 374KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53d7a472d17725cd3f06b8ab4297b1ea

Headers

File Characteristics

Imports

version

comctl32

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

msvcrt

Sections

.text Size: 374KB - Virtual size: 373KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 5KB - Virtual size: 101KB

.rsrc Size: 34KB - Virtual size: 34KB

.text
Size: 374KB - Virtual size: 373KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 5KB - Virtual size: 101KB

.rsrc
Size: 34KB - Virtual size: 34KB