4da8517dbfeb2f8e797083c05c4ef5770285a69915a318985ebd9a23a07eb3d5

General

Target

4da8517dbfeb2f8e797083c05c4ef5770285a69915a318985ebd9a23a07eb3d5
Size

67KB
MD5

698e7f7b86f82751479337ac255b3870
SHA1

8c6cd9a54b4ebe31e90b7279fbafe3660c225c31
SHA256

4da8517dbfeb2f8e797083c05c4ef5770285a69915a318985ebd9a23a07eb3d5
SHA512

d0e87412f94d40478bc72b424924244ba0460303b3b57dea08189d676fc543e0ef8f01301277758eba9c750ee55ba74f2b3ca75ad492a87c77d6d8a9d10f9e2f
SSDEEP

1536:bkPsHznh6H9pAJQsJDocxQsB5ADiAyFyOdxqcRkFLzD4N4:bnQsFocCGGyFyOTFkFr

Score

N/A

Malware Config

Signatures

Files

4da8517dbfeb2f8e797083c05c4ef5770285a69915a318985ebd9a23a07eb3d5
.exe windows x86

ff3fc491054a46d34506569bc31ed07d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetPrivateProfileSectionW
VirtualProtect
GetModuleHandleA
lstrcpyA
WriteConsoleW
GetFileAttributesW
CopyFileA
SetEvent
HeapDestroy
lstrlenW
VirtualQueryEx
GetProcessHeap
Sleep
GetCommandLineA
GetDriveTypeW
GetStdHandle
ResumeThread
GetStartupInfoA
DeleteFileA
WriteConsoleW
WriteConsoleW

mmcndmgr

DllRegisterServer
DllRegisterServer
DllGetClassObject
DllCanUnloadNow

cryptui

WizardFree
CryptUIWizBuildCTL
DllUnregisterServer
CryptUIWizExport
WizardFree
LocalEnroll
DllRegisterServer
CryptUIStartCertMgr
CryptUIDlgViewContext
LocalEnrollNoDS
CryptUIWizDigitalSign
LocalEnroll
CryptUIWizImport

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.expimp
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff3fc491054a46d34506569bc31ed07d

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 60KB - Virtual size: 72KB

.rdata Size: 512B - Virtual size: 257B

.expimp Size: 512B - Virtual size: 80B

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 60KB - Virtual size: 72KB

.rdata
Size: 512B - Virtual size: 257B

.expimp
Size: 512B - Virtual size: 80B