993a89de16ab2f81d6320782e748c29277e98900a90a3b61c9c6faf59c0b57b1

Sharing

Copy URL Twitter E-mail

General

Target

993a89de16ab2f81d6320782e748c29277e98900a90a3b61c9c6faf59c0b57b1
Size

43KB
MD5

66f964c0bfe3455428cffa9dbbb9f260
SHA1

4c064c420955bc009f8f7c7476526ecac8307dee
SHA256

993a89de16ab2f81d6320782e748c29277e98900a90a3b61c9c6faf59c0b57b1
SHA512

09d81302967ac4ddda7b58742d05c5c30f5e0663dd3dec82be7805dbae81362cf53011057449a18bcf62d2c4c660ea991399b5c8ec07fb03134d573320589503
SSDEEP

768:tfeF0IJfLy13h3ZCu+NSJETfWen+O1UTAE0/r2:tfeOIJq3RouKSAfFpUT70S

Score

N/A

Malware Config

Signatures

Files

993a89de16ab2f81d6320782e748c29277e98900a90a3b61c9c6faf59c0b57b1
.exe windows x86

3819c863426b7ad2aa56c605becf9a7c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sxs

SxsQueryManifestInformation
SxsEndAssemblyInstall
SxsOleAut32RedirectTypeLibrary
SxsProbeAssemblyInstallation
SxsBeginAssemblyInstall
SxspGenerateManifestPathOnAssemblyIdentity
SxsRunDllInstallAssemblyW
CreateAssemblyCache
SxsRunDllInstallAssembly
SxsGenerateActivationContext
SxsOleAut32MapReferenceClsidToConfiguredClsid
SxsUninstallW
SxsInstallW
CreateAssemblyNameObject

mapi32

FBadColumnSet@4
MAPIResolveName
RTFSync
HrIStorageFromStream@16
__ValidateParameters@8
MAPIReadMail
FBadRow@4
MAPIOpenLocalFormContainer@4
BMAPIDetails
MAPISendDocuments
LpValFindProp@12
ScCreateConversationIndex@16
MAPILogonEx@20
FPropCompareProp@12
FBadRglpszW@8
cmc_act_on

rtm

RtmLockRoute
RtmGetEntityMethods
MgmGetMfeStats
MgmInitialize
RtmGetExactMatchRoute
RtmGetEnumNextHops
RtmReferenceHandles
DumpTable
RtmHoldDestination
RtmDeregisterEntity
RtmIgnoreChangedDests
RtmCreateRouteListEnum
RtmFindNextHop
RtmGetNetworkCount

kernel32

RegisterWaitForSingleObject
GetConsoleCommandHistoryA
DuplicateHandle
SearchPathW
GetLongPathNameA
TlsGetValue
ReadConsoleW
LoadLibraryW
GetTempPathW
CreateDirectoryW
GetLastError
AddLocalAlternateComputerNameA
DeleteTimerQueueTimer
ExpungeConsoleCommandHistoryW
SetConsoleMaximumWindowSize
DeleteFileA
GetFullPathNameA
SetConsoleActiveScreenBuffer
GetConsoleCursorMode
ReadConsoleOutputCharacterW
RemoveDirectoryA
SetConsoleLocalEUDC
GlobalUnfix
SetFilePointerEx
GetModuleHandleW
IsValidCodePage
GetExitCodeThread
GetNativeSystemInfo
WriteConsoleOutputA
CreateActCtxW

msvcrt

isgraph
__getmainargs
_i64toa
islower
_winminor
_strerror
exit
_callnewh
__p__commode
_longjmpex
_getmaxstdio
__set_app_type

usp10

ScriptStringFree
ScriptGetFontProperties
ScriptBreak
ScriptStringOut
ScriptStringAnalyse
ScriptApplyLogicalWidth
ScriptGetCMap
ScriptJustify
UspAllocCache
ScriptCPtoX
ScriptString_pSize
ScriptString_pLogAttr
ScriptStringGetOrder

user32

EndDialog

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3819c863426b7ad2aa56c605becf9a7c

Headers

DLL Characteristics

File Characteristics

Imports

sxs

mapi32

rtm

kernel32

msvcrt

usp10

user32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB