c3d4b788e2458276a432687ce3272e06f72c46ff3c6daee1a1b074ab07a7f10c

General

Target

c3d4b788e2458276a432687ce3272e06f72c46ff3c6daee1a1b074ab07a7f10c
Size

291KB
MD5

829e1e53b937de4543ad71ee28fd2fd0
SHA1

49f9f93ff26f10f1ca7543b78fcde6e050ceeb6f
SHA256

c3d4b788e2458276a432687ce3272e06f72c46ff3c6daee1a1b074ab07a7f10c
SHA512

ab239d0dca3502d5cbf6d282daa65819d29f43caa360bc5b0f44307c58682b9bfe1f9a482173d8443611c5a7928b1b95e71e9dcd332e982ed27b38915e6be58b
SSDEEP

6144:dZ03oO1yz0MSqvGiPq0QVJV/ZatCWRnZSGjnAyAFHkz1REh:dZCzziGii0esCG0yAFC1

Score

N/A

Malware Config

Signatures

Files

c3d4b788e2458276a432687ce3272e06f72c46ff3c6daee1a1b074ab07a7f10c
.exe windows x86

0e1ff265d4d95798ef3b1ef622fce63c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetDriveTypeW
HeapDestroy
Sleep
WriteConsoleW
VirtualProtect
lstrcpyA
WriteConsoleW
CopyFileA
WriteConsoleW
DeleteFileA
GetProcessHeap
GetPrivateProfileSectionW
SetEvent
lstrlenW
VirtualQueryEx
GetFileAttributesA
GetCommandLineA
GetModuleHandleA
GetStdHandle
GetStartupInfoA
CancelIo

mmcndmgr

DllRegisterServer
DllGetClassObject
DllRegisterServer
DllCanUnloadNow

cryptui

CryptUIWizBuildCTL
CryptUIWizExport
DllUnregisterServer
LocalEnroll
WizardFree
CryptUIWizImport
CryptUIStartCertMgr
WizardFree
LocalEnroll
DllRegisterServer
CryptUIWizDigitalSign
LocalEnrollNoDS
CryptUIDlgViewContext

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impexp
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e1ff265d4d95798ef3b1ef622fce63c

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 284KB - Virtual size: 284KB

.rdata Size: 512B - Virtual size: 257B

.impexp Size: 512B - Virtual size: 80B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 284KB - Virtual size: 284KB

.rdata
Size: 512B - Virtual size: 257B

.impexp
Size: 512B - Virtual size: 80B