a9ad676ce8d45d70446834c16116fa0374fb017da23815fb53f7bb173e374038

General

Target

a9ad676ce8d45d70446834c16116fa0374fb017da23815fb53f7bb173e374038
Size

118KB
MD5

81f5bfaecd92a5c0a9a26e8ee1833aa0
SHA1

c235b9a7741de5412c49edb6b42d98a81d723681
SHA256

a9ad676ce8d45d70446834c16116fa0374fb017da23815fb53f7bb173e374038
SHA512

97646b41cb77ccf32f570fa88c558fdb5acde808153b61099869e7336c7652eba32c42e536b1b2fbb8f85a65c73b4016fef3031c7658930fa8fb86c3dc9f06f2
SSDEEP

1536:z4zLp2gxV9NFMPQ6eEaLDj1KuuSjCpsMUCily0Fvts/nn2pV0GUh/Lt5x3a8YglP:zM2pqlKIjCpLUTyCMnNTj9aG8j39Ugp

Score

N/A

Malware Config

Signatures

Files

a9ad676ce8d45d70446834c16116fa0374fb017da23815fb53f7bb173e374038
.exe windows x86

bfd4987a9213dac74fd398fadf0d5fde

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

Sleep
DeleteFileA
HeapDestroy
WriteConsoleW
GetPrivateProfileSectionW
WriteConsoleW
VirtualQueryEx
lstrlenW
GetCommandLineA
SetEvent
GetProcessHeap
GetModuleHandleA
lstrcpyA
GetFileAttributesW
CopyFileA
GetStartupInfoA
GetStdHandle
ResumeThread
WriteConsoleW
VirtualProtect
GetDriveTypeW

mmcndmgr

DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllRegisterServer

cryptui

CryptUIDlgViewContext
CryptUIStartCertMgr
WizardFree
WizardFree
CryptUIWizExport
CryptUIWizImport
LocalEnroll
CryptUIWizDigitalSign
DllUnregisterServer
CryptUIWizBuildCTL
LocalEnrollNoDS
LocalEnroll
DllRegisterServer

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impexp
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bfd4987a9213dac74fd398fadf0d5fde

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 110KB - Virtual size: 110KB

.rdata Size: 512B - Virtual size: 257B

.impexp Size: 512B - Virtual size: 80B

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 110KB - Virtual size: 110KB

.rdata
Size: 512B - Virtual size: 257B

.impexp
Size: 512B - Virtual size: 80B