8e1e102b53a1f7e6509ad846fbcbc79ccada579e04d9924108a4b2a497cf99cb

General

Target

8e1e102b53a1f7e6509ad846fbcbc79ccada579e04d9924108a4b2a497cf99cb
Size

772KB
MD5

606a313c348088f0e9b30513663b1eb0
SHA1

4af364df0f013cb12af5e145ef6c5de36da31332
SHA256

8e1e102b53a1f7e6509ad846fbcbc79ccada579e04d9924108a4b2a497cf99cb
SHA512

80fa111e22b786b5a2c008f3984352bad82e6c07ae468744fc26a6d2abdd6148d836319570338aed88edf289eec3a04c33ab62c1860a9c601866c757a113041a
SSDEEP

24576:SdKzt8RrW8jMCk+45bR61SC22h08WPufBhEF0vqZxqdCd0z:oKeR8Ckf5GSqhxMufBhmDWCd0

Score

N/A

Malware Config

Signatures

Files

8e1e102b53a1f7e6509ad846fbcbc79ccada579e04d9924108a4b2a497cf99cb
.exe windows x86

ae55b09904b2483cfaa8db71b622db8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
DeleteFileA
WriteConsoleW
GetCommandLineA
GetPrivateProfileSectionW
HeapDestroy
GetDriveTypeW
GetProcessHeap
Sleep
GetStartupInfoA
SetEvent
VirtualQueryEx
CopyFileA
lstrlenW
GetModuleHandleA
CancelIo
WriteConsoleW
GetFileAttributesA
GetStdHandle
lstrcpyA
WriteConsoleW

mmcndmgr

DllCanUnloadNow
DllRegisterServer
DllGetClassObject
DllRegisterServer

cryptui

CryptUIDlgViewContext
LocalEnroll
CryptUIWizExport
CryptUIWizBuildCTL
LocalEnrollNoDS
LocalEnroll
CryptUIWizImport
WizardFree
CryptUIStartCertMgr
WizardFree
DllRegisterServer
DllUnregisterServer
CryptUIWizDigitalSign

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 765KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impexp
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae55b09904b2483cfaa8db71b622db8d

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 765KB - Virtual size: 2.1MB

.rdata Size: 512B - Virtual size: 257B

.impexp Size: 512B - Virtual size: 80B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 765KB - Virtual size: 2.1MB

.rdata
Size: 512B - Virtual size: 257B

.impexp
Size: 512B - Virtual size: 80B