4dfa09a3e7b4020ddf7e37daa5003dd0e06550214587576977741b7b5662cec4

General

Target

4dfa09a3e7b4020ddf7e37daa5003dd0e06550214587576977741b7b5662cec4
Size

425KB
MD5

b7e9fb08ec0ecd5052a97ff050b2d46a
SHA1

b91be0d12b32765d8f97888939ed8d06331286a0
SHA256

4dfa09a3e7b4020ddf7e37daa5003dd0e06550214587576977741b7b5662cec4
SHA512

7472d05cb41d4489f4768d3b01a93965d09e11736eb4b9bf5ea240fa8934dfc89a06fbdfd6e4ca8711334e3c143fadb159d3906fbd7c8af468ff73b0527752d2
SSDEEP

12288:/H8OyEWiem8Rk9u5ov3eK7fZBw+lJ/BxzooFxyA8:kOv6m8u9u5I39kiJJxzo86

Score

N/A

Malware Config

Signatures

Files

4dfa09a3e7b4020ddf7e37daa5003dd0e06550214587576977741b7b5662cec4
.exe windows x86

1a9827d744c32c76ade9f8e546a48a42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumEnhMetaFile
GetTextExtentPointA

advapi32

ObjectCloseAuditAlarmW
InitiateSystemShutdownW
AbortSystemShutdownW
GetLengthSid
CryptGetProvParam
RegQueryInfoKeyW
LookupAccountSidA
SetKernelObjectSecurity
BuildTrusteeWithNameW
AdjustTokenPrivileges
StartServiceW
CreateProcessAsUserW
GetAce
DestroyPrivateObjectSecurity
IsValidAcl
RegOpenKeyA

kernel32

FileTimeToSystemTime
InterlockedExchangeAdd
GetTempFileNameA
CreateMutexW
LocalUnlock
GetPrivateProfileSectionNamesA
GetNumberFormatW
BackupRead
GetFileAttributesA
GetSystemDirectoryA
WriteConsoleInputA
GetCurrentThreadId
UpdateResourceA
InterlockedExchange
QueueUserAPC

user32

GetUserObjectInformationA
DrawTextA
EnumDisplayDevicesA
SendNotifyMessageW
GetMessageA
DispatchMessageW
PeekMessageW
AppendMenuW
OpenClipboard
IsDialogMessageA
GetMessageW
UnhookWinEvent
mouse_event
ToUnicode
CheckMenuRadioItem
ToUnicodeEx
EmptyClipboard
FlashWindowEx
WinHelpA
BeginDeferWindowPos
ScrollWindow
ChangeMenuA
wvsprintfA
SetWindowsHookExA
UnregisterHotKey
SetWindowPos
GetWindowWord
GetCaretPos
IsZoomed
GetMessageExtraInfo
GetClipboardFormatNameA
ShowCaret
CloseWindow

shell32

ExtractIconExW
SHFileOperationW
SHGetPathFromIDListW
Shell_NotifyIconA

Sections

.text
Size: 42KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a9827d744c32c76ade9f8e546a48a42

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

user32

shell32

Sections

.text Size: 42KB - Virtual size: 352KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 368KB - Virtual size: 367KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 42KB - Virtual size: 352KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 368KB - Virtual size: 367KB

.rsrc
Size: 10KB - Virtual size: 9KB