4a89cc07131251ace9a5c50ed41f2e4cbb5210ed1284e9d688b61f09019e88d7

General

Target

4a89cc07131251ace9a5c50ed41f2e4cbb5210ed1284e9d688b61f09019e88d7
Size

773KB
MD5

6e9e48c756a44214c436119732bb95b0
SHA1

9f0edd16719d2dc698b66333002882e126298b48
SHA256

4a89cc07131251ace9a5c50ed41f2e4cbb5210ed1284e9d688b61f09019e88d7
SHA512

db6bd3f798591a81fbde19e9fad0ec7a9d93c8c17bf772009d3a387084574482eefd8187c3d2f8793236f73264ce22a2c8021a970b7b00870f0fef4c96d9f804
SSDEEP

12288:E8SFwmeecNO5pEyC9esBccl8RuiPL1ytUCIT8+uKnAGU+ZbIQi9EFA:Kveecw727ccyRPLIGC1+rAGUdQ

Score

N/A

Malware Config

Signatures

Files

4a89cc07131251ace9a5c50ed41f2e4cbb5210ed1284e9d688b61f09019e88d7
.exe windows x86

610a27346e55fe9ba94817fff7ae60fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ResumeThread
GetPriorityClass
GetModuleHandleA
GetFileAttributesW
WriteConsoleW
lstrcpyA
VirtualProtect
GetCurrentDirectoryA
SetEvent
GetCommandLineA
CreatePipe
lstrlenW
DeleteFileA
GetStartupInfoA
GetStdHandle
HeapDestroy
DisconnectNamedPipe
GetProcessHeap
WriteConsoleW
WriteConsoleW
CopyFileA

mmcndmgr

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServer

cryptui

CryptUIWizExport
DllUnregisterServer
CryptUIStartCertMgr
WizardFree
CryptUIWizBuildCTL
LocalEnroll
WizardFree
CryptUIWizBuildCTL
CryptUIDlgViewContext
CryptUIWizDigitalSign
CryptUIWizImport
LocalEnroll
DllRegisterServer

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 764KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

610a27346e55fe9ba94817fff7ae60fe

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 280B

.rsrc Size: 764KB - Virtual size: 2.1MB

.rdata Size: 512B - Virtual size: 257B

.impdata Size: 512B - Virtual size: 257B

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 280B

.rsrc
Size: 764KB - Virtual size: 2.1MB

.rdata
Size: 512B - Virtual size: 257B

.impdata
Size: 512B - Virtual size: 257B