0fcf6528106137ca1670a0990f16c272ac3ee33077eea4cf3b8594904e76da07

General

Target

0fcf6528106137ca1670a0990f16c272ac3ee33077eea4cf3b8594904e76da07
Size

117KB
MD5

695a00459aeb65182e7730c9931a70f0
SHA1

8a87c4fd422f3d2a3772c681c43a224d84f6cc2c
SHA256

0fcf6528106137ca1670a0990f16c272ac3ee33077eea4cf3b8594904e76da07
SHA512

e9fa38b870d1ee5c0d06c5bff6e036988dfa2645784d14cf36ff9e1de39b07d9336be65e5e84e1f88bc6fcfc33a986a6b1c491e49f63127741720ad6ad1eed74
SSDEEP

1536:dQnfc21P2iY6h1MRGiF+UocGWfP2utO9WhXdIB84GjxVp3JfPqukuMwnEXlbrSau:ilp9iF+82utOYtZ4kVpZqbXTfjAR

Score

N/A

Malware Config

Signatures

Files

0fcf6528106137ca1670a0990f16c272ac3ee33077eea4cf3b8594904e76da07
.exe windows x86

127c588781b190b18ec0f891392bf1ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStdHandle
GetDriveTypeW
GetStartupInfoA
GetCommandLineA
SetEvent
lstrcpyA
Sleep
lstrlenW
CopyFileA
GetProcessHeap
GetPrivateProfileSectionW
WriteConsoleW
DeleteFileA
GetModuleHandleA
WriteConsoleW
GetFileAttributesA
CancelIo
VirtualProtect
WriteConsoleW
HeapDestroy
VirtualQueryEx

mmcndmgr

DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllRegisterServer

cryptui

WizardFree
CryptUIWizExport
CryptUIWizBuildCTL
LocalEnroll
DllUnregisterServer
CryptUIStartCertMgr
DllRegisterServer
CryptUIDlgViewContext
CryptUIWizImport
LocalEnrollNoDS
WizardFree
LocalEnroll
CryptUIWizDigitalSign

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impexp
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

127c588781b190b18ec0f891392bf1ad

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 110KB - Virtual size: 110KB

.rdata Size: 512B - Virtual size: 257B

.impexp Size: 512B - Virtual size: 112B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 110KB - Virtual size: 110KB

.rdata
Size: 512B - Virtual size: 257B

.impexp
Size: 512B - Virtual size: 112B