91bda1815db46e83bd30c4cdac527e46c1d42d3fda4492493ee2b001fd9b92e7

Sharing

Copy URL

Twitter E-mail

General

Target

91bda1815db46e83bd30c4cdac527e46c1d42d3fda4492493ee2b001fd9b92e7
Size

826KB
MD5

86fd6408be69ee3a4ff9c1d085c6dc72
SHA1

5716c66a23b1ee9d22160964aaa36c7d49cb5e39
SHA256

91bda1815db46e83bd30c4cdac527e46c1d42d3fda4492493ee2b001fd9b92e7
SHA512

164caaf0a333c25898b3bd355f6e3df20847289b7823dcc859aa63db24b25b4e6fd7f7521d7d75d83300b053d14dcc393631aeb65edeab02471fc0693c745d5d
SSDEEP

12288:mSVFOBDviXa5E3AxqRBsdHAQM2ieRE5NE4ab96gH3onAf/uEAWZwOW0CAwsmi:mSVFO5viKfqHiE2xREr+ggXwEjvys

Score

N/A

Malware Config

Signatures

Files

91bda1815db46e83bd30c4cdac527e46c1d42d3fda4492493ee2b001fd9b92e7
.exe windows x86

827221b789c0938e0221a230b135c01e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

WinHelpA
SetDlgItemTextA
RegisterClassW
SetDoubleClickTime
ValidateRgn
GetKeyboardLayoutList
WCSToMBEx
GetDlgItem
SetWindowTextA
GetFocus
EnumDisplaySettingsExA
InsertMenuItemW
UnloadKeyboardLayout
MessageBoxIndirectW
GetCaretPos
MessageBoxA
DialogBoxIndirectParamA
LoadIconW
AlignRects
LoadCursorW
DefMDIChildProcW

oleaut32

VarOr
VarDecFromI4
VarBoolFromUI8
VarUI2FromCy
LPSAFEARRAY_UserUnmarshal
VarDecCmpR8
VectorFromBstr
DllCanUnloadNow
VarDecInt
VarI2FromDec
RevokeActiveObject
VarI4FromI2
VarNeg
SafeArrayDestroyDescriptor
VarAdd
VarUI1FromR8
VarI8FromUI2
VarBstrFromUI2

kernel32

RegisterWaitForInputIdle
OpenEventW
CreateTimerQueueTimer
EnumResourceLanguagesA
GetConsoleCursorInfo
QueryDosDeviceW
GetPrivateProfileStructA
CreateDirectoryExW
BaseCleanupAppcompatCacheSupport
GetFileSizeEx
TlsSetValue
InitializeCriticalSectionAndSpinCount
WaitNamedPipeW
OpenProcess
GetCommProperties
ExpandEnvironmentStringsA
SetTimerQueueTimer
SetConsoleCtrlHandler
SetFileApisToANSI
SetFirmwareEnvironmentVariableA
InitializeSListHead
ExpungeConsoleCommandHistoryA
GetUserDefaultLCID
LoadLibraryW
GetThreadContext
GetGeoInfoA
InterlockedDecrement
GetShortPathNameA
Module32Next
WriteConsoleInputA
GetTickCount
DeleteVolumeMountPointA
CreateSocketHandle
WriteConsoleInputVDMA
DebugBreakProcess
InvalidateConsoleDIBits
IsBadCodePtr
ReadConsoleOutputCharacterA
GetFileAttributesA
ReadConsoleOutputCharacterW
GetProcessVersion
BaseFlushAppcompatCache
SetConsoleCursorPosition
GetCurrencyFormatW
GetTimeZoneInformation
SetLastError
WaitCommEvent
SetProcessWorkingSetSize
CreateDirectoryA
IsBadHugeReadPtr

sqlunirl

_WinHelp@16
_GetTempFileName_@16
_DlgDirList_@20
_OpenBackupEventLog_@8
_RegSetValueEx_@24
_SetDefaultCommConfig_@12
_OpenEvent_@12
_GetClassLong_@8
_FindAtom_@4
_SendMessageCallback_@24
_CopyMetaFile_@8
_ReplaceText_@4
_MoveFileEx_@12
_GetPrivateProfileInt_@16
_OpenWaitableTimer_@12
_LookupPrivilegeName_@16
_NDdeGetErrorString_@12
_RegQueryValue_@16
_NDdeGetTrustedShare_@20
_CreateIC_@16
_LogonUser_@24
_ReadConsoleInput_@16
_RegConnectRegistry_@12
_CopyFileEx_@24
_GetFileSecurity_@20
_CopyAcceleratorTable_@12
_GetDefaultCommConfig_@12

ole32

CoTaskMemRealloc
StgCreatePropStg
CoRegisterMessageFilter
HPALETTE_UserFree
CoGetCallContext
CoGetInterfaceAndReleaseStream
CreateAntiMoniker
ReadStringStream
CoGetApartmentID
CoDeactivateObject
GetHGlobalFromStream
StgSetTimes

powrprof

CanUserWritePwrScheme
CallNtPowerInformation
WriteGlobalPwrPolicy
GetCurrentPowerPolicies
GetActivePwrScheme
IsAdminOverrideActive
IsPwrSuspendAllowed
ReadGlobalPwrPolicy
SetSuspendState
IsPwrShutdownAllowed
GetPwrDiskSpindownRange
GetPwrCapabilities
WriteProcessorPwrScheme
LoadCurrentPwrScheme
ReadProcessorPwrScheme
EnumPwrSchemes
IsPwrHibernateAllowed
SetActivePwrScheme
WritePwrScheme
DeletePwrScheme
ValidatePowerPolicies
MergeLegacyPwrScheme
ReadPwrScheme

scecli

SceAppendSecurityProfileInfo
SceAddToObjectList
SceAddToNameList
SceGetObjectSecurity
SceSetupConfigureServices
SceSvcGetInformationTemplate
SceSvcConvertTextToSD
SceGenerateGroupPolicy
SceGetServerProductType
SceCopyBaseProfile
SceDcPromoteSecurityEx
SceRollbackTransaction
SceGetSecurityProfileInfo
SceGetObjectChildren
SceCreateDirectory
SceCommitTransaction
SceGetAreas
SceSetupUnwindSecurityFile

Sections

.text
Size: 381KB - Virtual size: 381KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

827221b789c0938e0221a230b135c01e

Headers

DLL Characteristics

File Characteristics

Imports

user32

oleaut32

kernel32

sqlunirl

ole32

powrprof

scecli

Sections

.text Size: 381KB - Virtual size: 381KB

.rdata Size: 94KB - Virtual size: 93KB

.data Size: 189KB - Virtual size: 1.6MB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 1024B - Virtual size: 896B

.text
Size: 381KB - Virtual size: 381KB

.rdata
Size: 94KB - Virtual size: 93KB

.data
Size: 189KB - Virtual size: 1.6MB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 1024B - Virtual size: 896B