4bdfdee89074ef29230f6db0711a9de66a4f8940b8e5bad5f0718b4e42f19527

General

Target

4bdfdee89074ef29230f6db0711a9de66a4f8940b8e5bad5f0718b4e42f19527
Size

425KB
MD5

8ca2a28f14b5afdadf23b41b2186b9c5
SHA1

1d6ba5b6462257cc93731ee61a358f0eadcc9095
SHA256

4bdfdee89074ef29230f6db0711a9de66a4f8940b8e5bad5f0718b4e42f19527
SHA512

7ff673d0222113cbb45829c2d87d78e9622636de1dc372b013821e4867841083a68f16c703f77a68b3e27c0d3b3c97257f3d132425138f31db2be23265a342d6
SSDEEP

12288:/H8OyEWiem8Rk9u5ov3eK7fZBw+lJ/BxzooFxyAm:kOv6m8u9u5I39kiJJxzo8s

Score

N/A

Malware Config

Signatures

Files

4bdfdee89074ef29230f6db0711a9de66a4f8940b8e5bad5f0718b4e42f19527
.exe windows x86

1a9827d744c32c76ade9f8e546a48a42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumEnhMetaFile
GetTextExtentPointA

advapi32

ObjectCloseAuditAlarmW
InitiateSystemShutdownW
AbortSystemShutdownW
GetLengthSid
CryptGetProvParam
RegQueryInfoKeyW
LookupAccountSidA
SetKernelObjectSecurity
BuildTrusteeWithNameW
AdjustTokenPrivileges
StartServiceW
CreateProcessAsUserW
GetAce
DestroyPrivateObjectSecurity
IsValidAcl
RegOpenKeyA

kernel32

FileTimeToSystemTime
InterlockedExchangeAdd
GetTempFileNameA
CreateMutexW
LocalUnlock
GetPrivateProfileSectionNamesA
GetNumberFormatW
BackupRead
GetFileAttributesA
GetSystemDirectoryA
WriteConsoleInputA
GetCurrentThreadId
UpdateResourceA
InterlockedExchange
QueueUserAPC

user32

GetUserObjectInformationA
DrawTextA
EnumDisplayDevicesA
SendNotifyMessageW
GetMessageA
DispatchMessageW
PeekMessageW
AppendMenuW
OpenClipboard
IsDialogMessageA
GetMessageW
UnhookWinEvent
mouse_event
ToUnicode
CheckMenuRadioItem
ToUnicodeEx
EmptyClipboard
FlashWindowEx
WinHelpA
BeginDeferWindowPos
ScrollWindow
ChangeMenuA
wvsprintfA
SetWindowsHookExA
UnregisterHotKey
SetWindowPos
GetWindowWord
GetCaretPos
IsZoomed
GetMessageExtraInfo
GetClipboardFormatNameA
ShowCaret
CloseWindow

shell32

ExtractIconExW
SHFileOperationW
SHGetPathFromIDListW
Shell_NotifyIconA

Sections

.text
Size: 42KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a9827d744c32c76ade9f8e546a48a42

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

user32

shell32

Sections

.text Size: 42KB - Virtual size: 352KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 368KB - Virtual size: 367KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 42KB - Virtual size: 352KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 368KB - Virtual size: 367KB

.rsrc
Size: 10KB - Virtual size: 9KB