d866a8538479284572947ef6fba50bb9cf9620ffd681c8e90b9aa7ceebb64166

General

Target

d866a8538479284572947ef6fba50bb9cf9620ffd681c8e90b9aa7ceebb64166
Size

848KB
MD5

9201467c835ff47e15ec9e43bea258f3
SHA1

e9f900b162687997b99e2aa2c97a7218194e8fb3
SHA256

d866a8538479284572947ef6fba50bb9cf9620ffd681c8e90b9aa7ceebb64166
SHA512

34cf9e7e972aa8b4fedae232e94a54cf55374bd6cf06bef621971a42ae758c4de429b0b76df85c660a433237b8307b18e6f3118a4749b53454f8e1610c63096b
SSDEEP

24576:qiMSxBa67I3aHw772ixOVBwktzPlcphkER:RMSx87aHw772ixOVB9txGhky

Score

N/A

Malware Config

Signatures

Files

d866a8538479284572947ef6fba50bb9cf9620ffd681c8e90b9aa7ceebb64166
.exe windows x86

ec39365f67315c322df813746ef0609b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
IsBadWritePtr
GetProcessHeap
SetVolumeLabelA
SetEndOfFile
GetDriveTypeW
GetFileType
DeleteAtom
HeapCreate
ClearCommBreak
CreateDirectoryA
WaitForMultipleObjects
FindClose
CreateSemaphoreW
FindAtomA
GetModuleHandleA
WriteFile
RemoveDirectoryA
HeapFree
CreatePipe
ExitThread
AddAtomA
GetModuleFileNameA
CloseHandle
RemoveDirectoryA

cryptui

WizardFree
WizardFree
CryptUIWizExport
DllRegisterServer
CryptUIDlgFreeCAContext
LocalEnrollNoDS
DllUnregisterServer
LocalEnroll
CryptUIWizDigitalSign
CryptUIWizImport
CryptUIWizBuildCTL
CryptUIStartCertMgr
CryptUIDlgViewContext

msvidc32

DriverProc
DriverProc
DriverProc
DriverProc

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 741KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ujkuupq
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mjewjgh
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ec39365f67315c322df813746ef0609b

Headers

File Characteristics

Imports

kernel32

cryptui

msvidc32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1.3MB

.rsrc Size: 740KB - Virtual size: 741KB

ujkuupq Size: 4KB - Virtual size: 32KB

mjewjgh Size: - Virtual size: 4KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1.3MB

.rsrc
Size: 740KB - Virtual size: 741KB

ujkuupq
Size: 4KB - Virtual size: 32KB

mjewjgh
Size: - Virtual size: 4KB