ef51f435373b80a128d85488157353b287f5ac832a65296c8011c99c7662b272

General

Target

ef51f435373b80a128d85488157353b287f5ac832a65296c8011c99c7662b272
Size

772KB
MD5

1325e62dc758e9c489ba2f4fa51081d8
SHA1

835d7dc3fbbcf80b19b657de7fb5d4f66f07eee7
SHA256

ef51f435373b80a128d85488157353b287f5ac832a65296c8011c99c7662b272
SHA512

7200b1288b4307c1c64617f93d5311655eefba7acbeade3559495ee599555ccce964d91ed9c44b24697a15db0ad6bd50c6e57e046495685eebd11305b5b9d3e6
SSDEEP

12288:4QiTQksulivSdDzsPcG/4TbOOksCEnOX4UrJT3WVqbr9jlqcuCQETnFyAor:SnwuUcxCOkslOX9cSrfqnCDFyAo

Score

N/A

Malware Config

Signatures

Files

ef51f435373b80a128d85488157353b287f5ac832a65296c8011c99c7662b272
.exe windows x86

c1690a426a004351e166b8acb25fa14a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetEvent
GetDriveTypeW
VirtualQueryEx
lstrcpyA
lstrlenW
DeleteFileA
GetStartupInfoA
GetProcessHeap
Sleep
HeapDestroy
GetModuleHandleA
GetStdHandle
GetCommandLineA
WriteConsoleW
GetPrivateProfileSectionW
GetFileAttributesA
VirtualProtect
CancelIo
CopyFileA
WriteConsoleW
WriteConsoleW

mmcndmgr

DllRegisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject

cryptui

WizardFree
CryptUIWizExport
CryptUIStartCertMgr
CryptUIWizBuildCTL
DllRegisterServer
CryptUIDlgViewContext
CryptUIWizDigitalSign
LocalEnrollNoDS
LocalEnroll
DllUnregisterServer
WizardFree
CryptUIWizImport
LocalEnroll

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 765KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impexp
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1690a426a004351e166b8acb25fa14a

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 765KB - Virtual size: 2.1MB

.rdata Size: 512B - Virtual size: 257B

.impexp Size: 512B - Virtual size: 96B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 765KB - Virtual size: 2.1MB

.rdata
Size: 512B - Virtual size: 257B

.impexp
Size: 512B - Virtual size: 96B