General

Malware Config

Signatures

Files

• 1714c3efa400355682fdd7f5dbdee1ee0e4a003cb988b57d284f297cbdab495f

  .zip
• 2014_11transaktions_pdf_000093378_2014_0000919_11_v_00028836_n_827100007.exe

  .exe windows x86

  2f7fadb6451b796876821adb84dbd1eb

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  acledit

  EditAuditInfo

  FMExtensionProcW

  SedDiscretionaryAclEditor

  EditOwnerInfo

  EditPermissionInfo

  SedTakeOwnership

  kernel32

  GetLocalTime

  VirtualAlloc

  mssign32

  PvkPrivateKeyAcquireContextFromMemory

  dciman32

  WinWatchClose

  WinWatchOpen

  Sections

  .text

  Size: 264KB - Virtual size: 263KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 512B - Virtual size: 500B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 2KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 9KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 652B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ