ef71e38b25f9cc91369e339eeb6fd5e94adcc38607fd0300c43e5a867f8b0257

General

Target

ef71e38b25f9cc91369e339eeb6fd5e94adcc38607fd0300c43e5a867f8b0257
Size

771KB
MD5

a0300c52290d9a6a087ab7a2c8fec020
SHA1

1cb2e6d607f13083638f54c502311d592ccb7b2f
SHA256

ef71e38b25f9cc91369e339eeb6fd5e94adcc38607fd0300c43e5a867f8b0257
SHA512

61bde2afcc9afa4dfb82445f589d027d0cd7aa326d8740b33613c0b9dddb672778313dcb6695c99637bfcf52b66b029e0f3e01a717e9fc076137f9c3d42ff7c4
SSDEEP

12288:4BzVdUF/382U27cMc5GmJffXTe8DCl22S+DL0Wvp+J0yV830bwbWQRXS:4BkF/i24c4fva8DGPN0qyV83swbF

Score

N/A

Malware Config

Signatures

Files

ef71e38b25f9cc91369e339eeb6fd5e94adcc38607fd0300c43e5a867f8b0257
.exe windows x86

3c50c8f004200a7d9963b99cc2782cb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CopyFileA
GetProcessHeap
HeapDestroy
CancelIo
GetCommandLineA
GetStdHandle
WriteConsoleW
VirtualQueryEx
GetDriveTypeW
GetStartupInfoA
GetPrivateProfileSectionW
GetFileAttributesA
WriteConsoleW
SetEvent
Sleep
lstrlenW
WriteConsoleW
GetModuleHandleA
lstrcpyA
DeleteFileA
VirtualProtect

mmcndmgr

DllRegisterServer
DllGetClassObject
DllCanUnloadNow
DllRegisterServer

cryptui

LocalEnroll
CryptUIWizExport
CryptUIWizBuildCTL
CryptUIDlgViewContext
WizardFree
WizardFree
CryptUIWizDigitalSign
LocalEnrollNoDS
CryptUIStartCertMgr
CryptUIWizImport
LocalEnroll
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 764KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impexp
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c50c8f004200a7d9963b99cc2782cb8

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 764KB - Virtual size: 2.1MB

.rdata Size: 512B - Virtual size: 257B

.impexp Size: 512B - Virtual size: 112B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 764KB - Virtual size: 2.1MB

.rdata
Size: 512B - Virtual size: 257B

.impexp
Size: 512B - Virtual size: 112B