1fa8641a316d0b40400aa54899e70fd5eabec807b13b6f2395e6508f619e54d8

General

Target

1fa8641a316d0b40400aa54899e70fd5eabec807b13b6f2395e6508f619e54d8
Size

425KB
MD5

8e25f39c933d5f1315519e0fcaa30c1e
SHA1

f1ba3b462d8a333c3a7943bde6744b40bde0d64e
SHA256

1fa8641a316d0b40400aa54899e70fd5eabec807b13b6f2395e6508f619e54d8
SHA512

ab802559eab09c26ac6d71ac55b84659782a5135fd77a4a8d36a71db14df87c6801237c06085edf7bfedde162186126b96f2333b98d4e1ef2c835d40b7f07a45
SSDEEP

12288:/H8OyEWiem8Rk9u5ov3eK7fZBw+lJ/BxzooFxyAm:kOv6m8u9u5I39kiJJxzo8Q

Score

N/A

Malware Config

Signatures

Files

1fa8641a316d0b40400aa54899e70fd5eabec807b13b6f2395e6508f619e54d8
.exe windows x86

1a9827d744c32c76ade9f8e546a48a42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumEnhMetaFile
GetTextExtentPointA

advapi32

ObjectCloseAuditAlarmW
InitiateSystemShutdownW
AbortSystemShutdownW
GetLengthSid
CryptGetProvParam
RegQueryInfoKeyW
LookupAccountSidA
SetKernelObjectSecurity
BuildTrusteeWithNameW
AdjustTokenPrivileges
StartServiceW
CreateProcessAsUserW
GetAce
DestroyPrivateObjectSecurity
IsValidAcl
RegOpenKeyA

kernel32

FileTimeToSystemTime
InterlockedExchangeAdd
GetTempFileNameA
CreateMutexW
LocalUnlock
GetPrivateProfileSectionNamesA
GetNumberFormatW
BackupRead
GetFileAttributesA
GetSystemDirectoryA
WriteConsoleInputA
GetCurrentThreadId
UpdateResourceA
InterlockedExchange
QueueUserAPC

user32

GetUserObjectInformationA
DrawTextA
EnumDisplayDevicesA
SendNotifyMessageW
GetMessageA
DispatchMessageW
PeekMessageW
AppendMenuW
OpenClipboard
IsDialogMessageA
GetMessageW
UnhookWinEvent
mouse_event
ToUnicode
CheckMenuRadioItem
ToUnicodeEx
EmptyClipboard
FlashWindowEx
WinHelpA
BeginDeferWindowPos
ScrollWindow
ChangeMenuA
wvsprintfA
SetWindowsHookExA
UnregisterHotKey
SetWindowPos
GetWindowWord
GetCaretPos
IsZoomed
GetMessageExtraInfo
GetClipboardFormatNameA
ShowCaret
CloseWindow

shell32

ExtractIconExW
SHFileOperationW
SHGetPathFromIDListW
Shell_NotifyIconA

Sections

.text
Size: 42KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a9827d744c32c76ade9f8e546a48a42

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

user32

shell32

Sections

.text Size: 42KB - Virtual size: 352KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 368KB - Virtual size: 367KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 42KB - Virtual size: 352KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 368KB - Virtual size: 367KB

.rsrc
Size: 10KB - Virtual size: 9KB