14a7b2c625611ebe9fa54ec602036b2e205c3a969a8ad96c4d061c358d6a087d

General

Target

14a7b2c625611ebe9fa54ec602036b2e205c3a969a8ad96c4d061c358d6a087d
Size

291KB
MD5

90f2398f20597786048a58a5b522b600
SHA1

c78b0b1b352b0475e320a3791702b43cc20928d5
SHA256

14a7b2c625611ebe9fa54ec602036b2e205c3a969a8ad96c4d061c358d6a087d
SHA512

0a70371ad31da9cf9d3f3c70d8cbb973ee4b0cbc6ea4293ddeac92a94c120627118811fb3cca39365a102b8cad958c106d0bf35df461031be9e556cd86b3a229
SSDEEP

6144:mZ3oO1y/S/LgDydrA80FliTTGN+MIXxEwkQLXk2NQ1OiRyKRiV3:mtzkQIydM3iON+xXmwkEXRSkp1

Score

N/A

Malware Config

Signatures

Files

14a7b2c625611ebe9fa54ec602036b2e205c3a969a8ad96c4d061c358d6a087d
.exe windows x86

4d4870432fb249a380ca596694065cbb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStdHandle
lstrcpyA
GetStartupInfoA
GetCommandLineA
VirtualProtect
CopyFileA
VirtualQueryEx
GetFileAttributesA
lstrlenW
SetEvent
CancelIo
WriteConsoleW
GetPrivateProfileSectionW
DeleteFileA
GetProcessHeap
GetDriveTypeW
Sleep
GetModuleHandleA
WriteConsoleW
HeapDestroy
WriteConsoleW

mmcndmgr

DllRegisterServer
DllGetClassObject
DllRegisterServer
DllCanUnloadNow

cryptui

DllUnregisterServer
LocalEnroll
CryptUIWizExport
DllRegisterServer
CryptUIWizDigitalSign
LocalEnroll
CryptUIDlgViewContext
CryptUIWizBuildCTL
WizardFree
CryptUIStartCertMgr
CryptUIWizImport
LocalEnrollNoDS
WizardFree

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impexp
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d4870432fb249a380ca596694065cbb

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 284KB - Virtual size: 284KB

.rdata Size: 512B - Virtual size: 257B

.impexp Size: 512B - Virtual size: 96B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 284KB - Virtual size: 284KB

.rdata
Size: 512B - Virtual size: 257B

.impexp
Size: 512B - Virtual size: 96B