05f38f957e0344f2015d79c87cee2019bbc4633abdcf7adb0545d3887528f96a

General

Target

05f38f957e0344f2015d79c87cee2019bbc4633abdcf7adb0545d3887528f96a
Size

291KB
MD5

037317d5ec4f96f1ee0f0dc193ed6e40
SHA1

a3f809997c2f2434947af97a659f43dd4fb6bf49
SHA256

05f38f957e0344f2015d79c87cee2019bbc4633abdcf7adb0545d3887528f96a
SHA512

42465c73c9d72561c410277e8275080968d8ce35e6bbc340a55bdca430776ce875bf5284990e66bf8c625fb858bdaeecbd7c484140b4e9f3aa707002befdb94d
SSDEEP

6144:x3oO1y27QX0G8l4QWqoplQngqILq0oVfE3QcJ26rF6w74:lzQ18lVoplGgqGq0OfEBP

Score

N/A

Malware Config

Signatures

Files

05f38f957e0344f2015d79c87cee2019bbc4633abdcf7adb0545d3887528f96a
.exe windows x86

d7ff387b4432bcb389b7ff4d947dbf65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcessHeap
SetEvent
CopyFileA
GetFileAttributesA
GetPrivateProfileSectionW
CancelIo
Sleep
WriteConsoleW
GetModuleHandleA
VirtualProtect
lstrcpyA
GetStdHandle
GetStartupInfoA
lstrlenW
GetDriveTypeW
WriteConsoleW
WriteConsoleW
GetCommandLineA
HeapDestroy
VirtualQueryEx
DeleteFileA

mmcndmgr

DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllRegisterServer

cryptui

WizardFree
CryptUIWizExport
CryptUIWizDigitalSign
DllRegisterServer
CryptUIStartCertMgr
LocalEnroll
CryptUIWizBuildCTL
DllUnregisterServer
LocalEnrollNoDS
CryptUIWizImport
CryptUIDlgViewContext
LocalEnroll
WizardFree

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impexp
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7ff387b4432bcb389b7ff4d947dbf65

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 284KB - Virtual size: 284KB

.rdata Size: 512B - Virtual size: 257B

.impexp Size: 512B - Virtual size: 96B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 284KB - Virtual size: 284KB

.rdata
Size: 512B - Virtual size: 257B

.impexp
Size: 512B - Virtual size: 96B