91b0060e425902abbedccdca0d801d6786454523ab06a776e8bb034ff84d143d

General

Target

91b0060e425902abbedccdca0d801d6786454523ab06a776e8bb034ff84d143d
Size

425KB
MD5

b99baff6d2bed6da99bff6a5890f7e68
SHA1

99475ebe4a5d89cac2456c962f292f02a6acc384
SHA256

91b0060e425902abbedccdca0d801d6786454523ab06a776e8bb034ff84d143d
SHA512

636ea39acdf91f9ade232eb7a270225e09a8a6c84514dc55a599b8371c59ee831cd48b1d049b198e72eac1d3c855d3b671ea0fb4235a4fb15c761c5610a2f00c
SSDEEP

12288:/H8OyEWiem8Rk9u5ov3eK7fZBw+lJ/BxzooFxyA+:kOv6m8u9u5I39kiJJxzo8Q

Score

N/A

Malware Config

Signatures

Files

91b0060e425902abbedccdca0d801d6786454523ab06a776e8bb034ff84d143d
.exe windows x86

1a9827d744c32c76ade9f8e546a48a42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumEnhMetaFile
GetTextExtentPointA

advapi32

ObjectCloseAuditAlarmW
InitiateSystemShutdownW
AbortSystemShutdownW
GetLengthSid
CryptGetProvParam
RegQueryInfoKeyW
LookupAccountSidA
SetKernelObjectSecurity
BuildTrusteeWithNameW
AdjustTokenPrivileges
StartServiceW
CreateProcessAsUserW
GetAce
DestroyPrivateObjectSecurity
IsValidAcl
RegOpenKeyA

kernel32

FileTimeToSystemTime
InterlockedExchangeAdd
GetTempFileNameA
CreateMutexW
LocalUnlock
GetPrivateProfileSectionNamesA
GetNumberFormatW
BackupRead
GetFileAttributesA
GetSystemDirectoryA
WriteConsoleInputA
GetCurrentThreadId
UpdateResourceA
InterlockedExchange
QueueUserAPC

user32

GetUserObjectInformationA
DrawTextA
EnumDisplayDevicesA
SendNotifyMessageW
GetMessageA
DispatchMessageW
PeekMessageW
AppendMenuW
OpenClipboard
IsDialogMessageA
GetMessageW
UnhookWinEvent
mouse_event
ToUnicode
CheckMenuRadioItem
ToUnicodeEx
EmptyClipboard
FlashWindowEx
WinHelpA
BeginDeferWindowPos
ScrollWindow
ChangeMenuA
wvsprintfA
SetWindowsHookExA
UnregisterHotKey
SetWindowPos
GetWindowWord
GetCaretPos
IsZoomed
GetMessageExtraInfo
GetClipboardFormatNameA
ShowCaret
CloseWindow

shell32

ExtractIconExW
SHFileOperationW
SHGetPathFromIDListW
Shell_NotifyIconA

Sections

.text
Size: 42KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a9827d744c32c76ade9f8e546a48a42

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

user32

shell32

Sections

.text Size: 42KB - Virtual size: 352KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 368KB - Virtual size: 367KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 42KB - Virtual size: 352KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 368KB - Virtual size: 367KB

.rsrc
Size: 10KB - Virtual size: 9KB