b56ec1db3b82c14771cb03731f75019598ae29486e33ad93b146d855d58e245c

General

Target

b56ec1db3b82c14771cb03731f75019598ae29486e33ad93b146d855d58e245c
Size

120KB
MD5

040755a1b2f7b696669e1edba2b5a3a0
SHA1

0ca3d1c47d9c6cc2179e21d2ebe358aaf7f544dd
SHA256

b56ec1db3b82c14771cb03731f75019598ae29486e33ad93b146d855d58e245c
SHA512

9cebeac0d1130e51a1ba128511c1d114d7f90529cb9815a2e84b44029b62f0f62fe565ccf405a560757666fa44d63e65ec533d2b13a2b6a0e79c28be8a142659
SSDEEP

3072:GriDSNEWf80wyDCLDJGv6TLsVfXZv9RQkDjCgxa6ZInPAOE:9Wk0wsCLDJGSvsBZ8kPCmRInPAh

Score

N/A

Malware Config

Signatures

Files

b56ec1db3b82c14771cb03731f75019598ae29486e33ad93b146d855d58e245c
.exe windows x86

0dec17cb7ed6fd4eaa2ce9174a8f84f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpyA
CopyFileA
WriteConsoleW
GetCurrentDirectoryA
SetEvent
CreatePipe
WriteConsoleW
GetFileAttributesW
DisconnectNamedPipe
DeleteFileA
ResumeThread
GetProcessHeap
WriteConsoleW
HeapDestroy
VirtualProtect
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
lstrlenW
GetStdHandle
GetPriorityClass

mmcndmgr

DllRegisterServer
DllRegisterServer
DllGetClassObject
DllCanUnloadNow

cryptui

DllRegisterServer
CryptUIWizDigitalSign
CryptUIWizBuildCTL
CryptUIDlgViewContext
CryptUIWizExport
LocalEnroll
WizardFree
CryptUIWizBuildCTL
CryptUIWizImport
DllUnregisterServer
CryptUIStartCertMgr
LocalEnroll
WizardFree

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 195B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0dec17cb7ed6fd4eaa2ce9174a8f84f7

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 264B

.rsrc Size: 110KB - Virtual size: 110KB

.rdata Size: 512B - Virtual size: 177B

.impdata Size: 512B - Virtual size: 195B

.text
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 264B

.rsrc
Size: 110KB - Virtual size: 110KB

.rdata
Size: 512B - Virtual size: 177B

.impdata
Size: 512B - Virtual size: 195B