3b6e89d73b49bb53e66538674e16c1e9bbd0dd68edbbc10ad9965ff2e21188e5

General

Target

3b6e89d73b49bb53e66538674e16c1e9bbd0dd68edbbc10ad9965ff2e21188e5
Size

499KB
MD5

fdd4b1d460f2bb3127b3fcf2ddae419e
SHA1

35b7017e888a05b257f1fa6517c0f1aa8945b1a7
SHA256

3b6e89d73b49bb53e66538674e16c1e9bbd0dd68edbbc10ad9965ff2e21188e5
SHA512

a5404b9aa593514d41e672b3a5a8af26295c5cba9e5b9160a43e58ebe40f4e33aa6f7fffbd7b3019bf3bef708cdf7d7e98cd6a48aa98a768311430a6d41b948d
SSDEEP

12288:0LF+iiJJx6ONuvWsEXLrbEz0tGlVpPLAaEmboLAAO:M+i4ADUC0tGlzPE2b3A

Score

N/A

Malware Config

Signatures

Files

3b6e89d73b49bb53e66538674e16c1e9bbd0dd68edbbc10ad9965ff2e21188e5
.exe windows x86

ef9169c341840fd24df9a1a5eb716263

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

crypt32

CertFindCRLInStore
CertFindAttribute
CryptFindOIDInfo
CertDuplicateStore
CertFindExtension
CertOpenStore
CertGetNameStringA
CertDuplicateCRLContext
CertCreateCRLContext
CertSaveStore
CryptEnumOIDInfo
CertCreateContext
CertDeleteCRLFromStore
CertCloseStore
CertControlStore

cabinet

Extract
FCICreate
FCIDestroy
FCIFlushCabinet

msimg32

TransparentBlt
DllInitialize

kernel32

GetFullPathNameA
GetNumberFormatA
SetVolumeLabelA
DeviceIoControl
CreateMutexA
SetEndOfFile
PurgeComm
GetVolumePathNameW
HeapValidate
GetProcessTimes
CreateEventW
GetAtomNameA
GetModuleHandleA
TlsGetValue
SetCurrentDirectoryA
GetTickCount
FindResourceA
GetLogicalDrives
GetDiskFreeSpaceA
GetProcAddress
GetEnvironmentVariableW
SetEnvironmentVariableA
lstrcmpA
MoveFileW
ReadFile
GetShortPathNameA
GetSystemInfo
GetCurrentProcess
QueryDosDeviceA
GetBinaryTypeA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 457KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef9169c341840fd24df9a1a5eb716263

Headers

File Characteristics

Imports

crypt32

cabinet

msimg32

kernel32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 457KB - Virtual size: 524KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 457KB - Virtual size: 524KB

.reloc
Size: 7KB - Virtual size: 7KB