8ba508b8061fe19412443a99178bf69694340aee9c27a969cf45029912dd330d

General

Target

8ba508b8061fe19412443a99178bf69694340aee9c27a969cf45029912dd330d
Size

293KB
MD5

a30cd5bfa26fd51fbc19699d68f0b280
SHA1

a50ac31e2ae8fe381ad9ed421996b79110ab4c79
SHA256

8ba508b8061fe19412443a99178bf69694340aee9c27a969cf45029912dd330d
SHA512

4d2e7af751eb6bf2c45edfe555ae64b4940adb2a0aa57e7c4dd9d8bd4f738af321d567cc285f5ef74d8c5278d7130cb9b714f8052ce8b7a0a08b119c6435101e
SSDEEP

6144:yInnexrhHJpdrRAYtU7ZDA8SltgcZWa9ByqFQ2VYhUq:NeFTrRAYtU7ZDA8SWa9U17Uq

Score

N/A

Malware Config

Signatures

Files

8ba508b8061fe19412443a99178bf69694340aee9c27a969cf45029912dd330d
.exe windows x86

e896a545535121709f097bb125e91893

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ResumeThread
GetPriorityClass
GetCurrentDirectoryA
CreatePipe
DeleteFileA
GetStartupInfoA
HeapDestroy
SetEvent
GetStdHandle
GetModuleHandleA
GetCommandLineA
WriteConsoleW
WriteConsoleW
VirtualProtect
WriteConsoleW
GetFileAttributesW
GetProcessHeap
lstrcpyA
lstrlenW
CopyFileA
DisconnectNamedPipe

mmcndmgr

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServer

cryptui

CryptUIDlgViewContext
CryptUIWizBuildCTL
CryptUIStartCertMgr
CryptUIWizBuildCTL
LocalEnroll
DllRegisterServer
CryptUIWizDigitalSign
DllUnregisterServer
CryptUIWizImport
WizardFree
CryptUIWizExport
WizardFree
LocalEnroll

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e896a545535121709f097bb125e91893

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 280B

.rsrc Size: 284KB - Virtual size: 284KB

.rdata Size: 512B - Virtual size: 257B

.impdata Size: 512B - Virtual size: 257B

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 280B

.rsrc
Size: 284KB - Virtual size: 284KB

.rdata
Size: 512B - Virtual size: 257B

.impdata
Size: 512B - Virtual size: 257B