Sample details: 8924c7a7f685f5aea9cff1e57260c600 --

Hashes
MD5: 8924c7a7f685f5aea9cff1e57260c600
SHA1: 6b4420c23c6d963f6eb3c3289565c391c9828af9
SHA256: 7ae1424d8e13fc19c1575662ac13eb6b0764f7c6dd22e2b82b3de9bc97c630d1
SSDEEP: 768:TNCtbcAYU1R6aOyYXWsjJ9EZxyPCNuTXXiwrYY0XtDq91NFlq6K0sOxCM:TgFNOfXWsLI8pHjrY/9e9P3q6f
Details
File Type: PE32
Yara Hits
YRP/ASPack_v2001_Alexey_Solodovnikov | YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h | YRP/ASPack_v10804_additional | YRP/ASPack_v10804_Hint_WIN_EP | YRP/ASPack_v2000 | YRP/ASPack_v2001 | YRP/ASPackv2001AlexeySolodovnikov | YRP/IsPE32 | YRP/IsDLL | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/contentis_base64 | YRP/suspicious_packer_section |
Source
http://103.68.190.250/Sources//Advance/WndRec/output/RecvFiles/bktest070AF94CB6AC85282/CBankClient/SYSTEM/CryptLib3.DLL
Strings
		This program must be run under Win32
.idata
.edata
.reloc
.aspack
K(m!+AU
Ao*O"`{a t
+PX/zMt
bHML!Y
#|hRsh
KDy)o/>	
!="tVQQ
LM7._2
V`2"bK
4fU!s9
%-sy~D
u1.pdHzU
dl|q+@	
Rc$Ph={
ZyU^ X
ReZww{
=16bpa=
GW^|;!j*
efct[qU
FV5."Y
'>'@#0
9a9q+A
t-F<C=
Fc`4	(
@fTTq0[^
jFK-=##
Kn$Myu
pDD"<Z
o]nj;7*
ar^r_q
i`=|Q	
3~'5stl
1w8"BfJ
MjF+ywQ
.EI#2EQ#
<6~ _,
/_hQ~O
^fs5%w
dbCqE5
X|8^Wl
VX13 Y
2nk1bs[
]?^}=y=z
_WR-dp
eLePeTeXe`e\ed'
2|TjF$
946Jm)
(Z@RCU
X/+:~G
N{Mgdj
fb$z!y`
^$zXZy1
Cc-\FR
tcsOexT
VTdVTdq`
rI)!!G
F|&4cT5
cryptlib.dll
AddSign
CertAndRequestTransferMatch
ClearCash
ConvertTransferToSignedRequest
CreateDirStructure
DecodeData
DoneCryptoEngine
EncodeData
ExcludeSelfPublicKeyTransfer
GenerateNewSEK
GenerateNewSEKMDM
GenerateNewSSK
GetCryptoEngineStatus
GetCryptoEngineType
GetCryptoEngineTypes
GetCryptoErrorString
GetCryptoParamName
GetCryptoParamNumber
GetCryptoParamValue
GetCurrentUserUID
GetEncodeUIDBySignUID
GetLastErrorMessage
GetMaxAdditionEx
GetMaxCryptoEngineTypeLength
GetMaxCryptoParamNameLength
GetMaxCryptoParamValueLength
GetMaxEncodeAddition
GetMaxErrorStringLength
GetMaxFilePathLength
GetMaxPasswordLength
GetMaxPublicKeyPropertiesLength
GetMaxPublicKeyTransferSize
GetMaxReportSize
GetMaxSignAddition
GetMaxSignatureLength
GetMaxUIDLength
GetParamInfo
GetPublicKeyProperties
GetPublicKeyPropertiesByFile
GetPublicKeyPropertiesByTransfer
GetPublicKeyTransfer
GetPublicKeyTransferByFile
GetPureSign
GetRemoteGenType
GetReport
GetUIDByCertIdent
GetUIDByPublicKeyTransfer
HashData
IncludeCACertificateFromTransfer
IncludeCRL
IncludePublicEncodeKey
IncludePublicKey
IncludePublicKeyTransfer
InitCryptoEngine
InstallCertsInMyStore
IsDifferentKeys
RegisterOIDInfo
RemoteGenerateFinish
RemoteGenerateFinishEx
RemoteGenerateStart
RemoteGenerateStartEx
RemoveCertificate
RemoveSign
RemoveSignaturesFromFile
SavePublicKeyFromTransfer
SaveSignedDataToFile
SetCryptoParamValue
SetPasswordRequestFunc
SetRemoteGeneratePath
SetRootPath
SetTMRequestFunc
ShowCertificate
SignData
SignFile
TransPrivateKeyFromFileToTM
TransSignatureFromFileToTM
UpdateCertificateCash
VerifyData
VerifyFile
VerifySignWOCheckValidity
JH5%u.
\Aqw,l
*('4By4
u<CEf=
i*(n(G
 (08@P`p
kernel32.dll
VirtualAlloc
VirtualFree
VirtualProtect
ExitProcess
user32.dll
MessageBoxA
wsprintfA
LOADER ERROR
The procedure entry point %s could not be located in the dynamic link library %s
The ordinal %u could not be located in the dynamic link library %s
kernel32.dll
GetProcAddress
GetModuleHandleA
LoadLibraryA
user32.dll
advapi32.dll
oleaut32.dll
user32.dll
GetKeyboardType
RegQueryValueExA
VariantChangeTypeEx
MessageBoxA