2ada9096a9368c5f518912d9719c7309f72dfdf592fedaa96d8a3b05c18424da

General

Target

2ada9096a9368c5f518912d9719c7309f72dfdf592fedaa96d8a3b05c18424da
Size

294KB
MD5

165e2eead983a8c41d97de44ba6cdc90
SHA1

a1c9bcf7be0d0899c42d9aaa344b27e494ea488c
SHA256

2ada9096a9368c5f518912d9719c7309f72dfdf592fedaa96d8a3b05c18424da
SHA512

f7939fff11004a39b07c95ee135916a7c7b11797bd4ccda6e49569aa062bb13901e89adc7e21a8bd8583c5ef4845e20a86e8b86dd85af3ad172e42cc9a37b6e5
SSDEEP

6144:1In0+WLGTrGOwWlYl/kAHEk9tj8I6wHsQuT/VGH+Z/rh:CWy8//HEk7RvMQeMW/rh

Score

N/A

Malware Config

Signatures

Files

2ada9096a9368c5f518912d9719c7309f72dfdf592fedaa96d8a3b05c18424da
.exe windows x86

b0b224d7b6b48dc65c9669b5a043b9f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentDirectoryA
SetEvent
ResumeThread
GetFileAttributesW
lstrcpyA
CreatePipe
HeapDestroy
GetModuleHandleA
CopyFileA
WriteConsoleW
GetPriorityClass
GetCommandLineA
WriteConsoleW
lstrlenW
DisconnectNamedPipe
GetStdHandle
WriteConsoleW
GetProcessHeap
DeleteFileA
VirtualProtect
GetStartupInfoA

mmcndmgr

DllRegisterServer
DllGetClassObject
DllRegisterServer
DllCanUnloadNow

cryptui

LocalEnroll
CryptUIWizImport
CryptUIDlgViewContext
DllRegisterServer
CryptUIWizExport
CryptUIWizDigitalSign
WizardFree
LocalEnroll
CryptUIWizBuildCTL
CryptUIWizBuildCTL
WizardFree
CryptUIStartCertMgr
DllUnregisterServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b0b224d7b6b48dc65c9669b5a043b9f8

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 264B

.rsrc Size: 284KB - Virtual size: 284KB

.rdata Size: 512B - Virtual size: 177B

.impdata Size: 512B - Virtual size: 257B

.text
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 264B

.rsrc
Size: 284KB - Virtual size: 284KB

.rdata
Size: 512B - Virtual size: 177B

.impdata
Size: 512B - Virtual size: 257B