d4c5e21a07648462d17ef091f016f359a1c13201daae5e506fd9d2c8feb8bc45

General

Target

d4c5e21a07648462d17ef091f016f359a1c13201daae5e506fd9d2c8feb8bc45
Size

292KB
MD5

797fb2770729e1d5d997cad8f606f2e0
SHA1

291f8344f2d2fd3ac0668765e093fe788b665b72
SHA256

d4c5e21a07648462d17ef091f016f359a1c13201daae5e506fd9d2c8feb8bc45
SHA512

a7d200ca4f78dc473a31c49647cadc0ceb46a115c72037f8bf2b80e88d920bdd60bbfaf99052a0dd98df2805a583954cd554fd3a308d66ea0231f9ea38f3ad36
SSDEEP

6144:sfe2+6S7zAEVn6NbL8CP/cit+zwbIkhdc2jvgaYwzH:YH+362CP/cK+zwbIkhdc8gat

Score

N/A

Malware Config

Signatures

Files

d4c5e21a07648462d17ef091f016f359a1c13201daae5e506fd9d2c8feb8bc45
.exe windows x86

2a66bd85675d22cf64eee82e861a3c31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpyA
VirtualQueryEx
GetCommandLineA
GetStartupInfoA
GetFileAttributesW
ResumeThread
DeleteFileA
WriteConsoleW
WriteConsoleW
GetPrivateProfileSectionW
VirtualProtect
GetDriveTypeW
Sleep
GetStdHandle
GetProcessHeap
CopyFileA
HeapDestroy
WriteConsoleW
lstrlenW
SetEvent
GetModuleHandleA

mmcndmgr

DllRegisterServer
DllGetClassObject
DllCanUnloadNow
DllRegisterServer

cryptui

DllUnregisterServer
CryptUIStartCertMgr
CryptUIWizExport
CryptUIWizDigitalSign
CryptUIDlgViewContext
DllRegisterServer
CryptUIWizImport
CryptUIWizBuildCTL
WizardFree
LocalEnrollNoDS
WizardFree
LocalEnroll
LocalEnroll

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impexp
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a66bd85675d22cf64eee82e861a3c31

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 284KB - Virtual size: 284KB

.rdata Size: 512B - Virtual size: 257B

.impexp Size: 512B - Virtual size: 80B

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 284KB - Virtual size: 284KB

.rdata
Size: 512B - Virtual size: 257B

.impexp
Size: 512B - Virtual size: 80B