76d8b944f8eaf3aab55e9aaa7666b549111edaf9c9c8fb4c2cb110e14cabdb9d

General

Target

76d8b944f8eaf3aab55e9aaa7666b549111edaf9c9c8fb4c2cb110e14cabdb9d
Size

773KB
MD5

0db70a00babcd631cd7f4b8c3fdbf012
SHA1

9795c5c30643af1f6b03cdc9cea61a18ac52152a
SHA256

76d8b944f8eaf3aab55e9aaa7666b549111edaf9c9c8fb4c2cb110e14cabdb9d
SHA512

323ddb5658ccc3b45c1ba55c60ec0591d03b428e92f281ea9284cfec66444ab7fa69db447fc41fabff449d00673c957328309524e4755eca996e9e056dceb9d5
SSDEEP

12288:xr6OMo6wBkypYTWLBy2NS8uCccLXZgIBvAti0r8G34WVcAkXwZiuyuo:Z6OMobBZYK82NS8uCPLhBvAMMncl0ny

Score

N/A

Malware Config

Signatures

Files

76d8b944f8eaf3aab55e9aaa7666b549111edaf9c9c8fb4c2cb110e14cabdb9d
.exe windows x86

29173231b9da09782f16156a2918562f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
SetEvent
DisconnectNamedPipe
CopyFileA
GetCommandLineA
VirtualProtect
WriteConsoleW
WriteConsoleW
DeleteFileA
GetProcessHeap
WriteConsoleW
lstrlenW
GetFileAttributesW
lstrcpyA
HeapDestroy
GetCurrentDirectoryA
GetStartupInfoA
CreatePipe
GetStdHandle
GetPriorityClass
ResumeThread

mmcndmgr

DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllRegisterServer

cryptui

CryptUIDlgViewContext
CryptUIWizDigitalSign
WizardFree
WizardFree
DllRegisterServer
CryptUIWizBuildCTL
CryptUIStartCertMgr
DllUnregisterServer
CryptUIWizExport
LocalEnroll
LocalEnroll
CryptUIWizBuildCTL
CryptUIWizImport

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 764KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29173231b9da09782f16156a2918562f

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 280B

.rsrc Size: 764KB - Virtual size: 2.1MB

.rdata Size: 512B - Virtual size: 257B

.impdata Size: 512B - Virtual size: 257B

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 280B

.rsrc
Size: 764KB - Virtual size: 2.1MB

.rdata
Size: 512B - Virtual size: 257B

.impdata
Size: 512B - Virtual size: 257B