80366512912654c25b5cead8829f2d793eda93bfef9eed70824f7cdedb482f6d

Sharing

Copy URL

Twitter E-mail

General

Target

80366512912654c25b5cead8829f2d793eda93bfef9eed70824f7cdedb482f6d
Size

164KB
MD5

434fd6d1e714d31271aa7250567ca8ec
SHA1

41c486f37b4c49b87d97a866372fee75e667d4f9
SHA256

80366512912654c25b5cead8829f2d793eda93bfef9eed70824f7cdedb482f6d
SHA512

6a51e49fa354fd8ade3398667a0d2e3b8db40d24efbf5a6324fc77e2357dc8dbf316f0a89f77a508a4e3fc158d648988c737435b6b0c97270948c86090363f4d
SSDEEP

3072:vBGftSK6Q7P66jpeR+30HEgLGxXfo3vlEJ405AyvzQvx8/37OAi6F/pB6Q+Acov:sFdT5jpR30HEgyXMv+J40+wz5F/yQ+I

Score

N/A

Malware Config

Signatures

Files

80366512912654c25b5cead8829f2d793eda93bfef9eed70824f7cdedb482f6d
.exe windows x86

ed1b695eca366ec8630f8ce54aee1cc7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleInputExeNameA
CreateDirectoryExA
GetProcessVersion
SetConsoleCP
SetComputerNameExA
LoadLibraryW
GetVolumeNameForVolumeMountPointW
GetFileSize
GetModuleHandleW
IsValidCodePage
SetConsoleNumberOfCommandsA
GetComputerNameExW
GetCurrentThread
GetCurrentThreadId
RemoveDirectoryW
WritePrivateProfileStructW
SetDefaultCommConfigW
MoveFileWithProgressW

atmlib

ATMGetMenuNameA
ATMEnumFonts
ATMFontAvailable
ATMBeginFontChange
ATMSetFlags
ATMGetPostScriptName
ATMGetOutlineA
ATMXYShowText
ATMEnumMMFontsA
ATMGetNtmFieldsW
ATMGetMenuName
ATMInstallSubstFontA

mapistub

MAPIFreeBuffer
__CPPValidateParameters@8
MapStorageSCode@4
HrGetOneProp@12
ScCopyNotifications@16
MNLS_IsBadStringPtrW@8
UFromSz@4
cmc_query_configuration
MNLS_MultiByteToWideChar@24
GetTnefStreamCodepage@12
WrapCompressedRTFStream
MNLS_CompareStringW@24
MAPIResolveName
MAPILogoff
UNKOBJ_ScAllocateMore@16
MAPISaveMail
MAPIDetails
HrSzFromEntryID@12
UNKOBJ_ScAllocate@12
ScMAPIXFromCMC
cmc_send
MAPIAllocateBuffer
CreateIProp@24
MAPIInitIdle@4
HrThisThreadAdviseSink@8
FDecodeID@12

crtdll

fopen
_mbsicmp
difftime
_execle
_strset
_baseminor_dll
_strdup
_chdir
_mbslwr
_clearfp
_osmajor_dll
??3@YAXPAX@Z
_iob
_ismbcprint
isupper
_timezone_dll
iswpunct
__mb_cur_max_dll
_splitpath
_loaddll
_getw
wcstod
iswalnum
_acmdln_dll
strspn

oleaut32

VarI1FromUI4
VarDiv
VariantCopyInd
VarI2FromUI4
VarUI1FromDec
VarDateFromCy
SafeArrayCopy
BSTR_UserFree
VarDateFromI4

raschap

RasEapGetInfo
RasCpEnumProtocolIds
RasCpGetInfo

hid

HidD_Hello
HidD_GetConfiguration
HidP_SetUsages
HidD_SetNumInputBuffers
HidP_SetScaledUsageValue
HidD_FlushQueue
HidP_GetSpecificButtonCaps
HidP_GetUsageValueArray
HidD_GetSerialNumberString
HidD_GetMsGenreDescriptor
HidD_GetProductString
HidD_GetInputReport

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed1b695eca366ec8630f8ce54aee1cc7

Headers

File Characteristics

Imports

kernel32

atmlib

mapistub

crtdll

oleaut32

raschap

hid

Sections

.text Size: 86KB - Virtual size: 85KB

.rdata Size: 42KB - Virtual size: 41KB

.data Size: 32KB - Virtual size: 31KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 924B

.text
Size: 86KB - Virtual size: 85KB

.rdata
Size: 42KB - Virtual size: 41KB

.data
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 924B