5623b47a2eaeee4b71a7af5f07a4e4d286d7589171598c15be459abde6e1dc7e

Sharing

Copy URL

Twitter E-mail

General

Target

5623b47a2eaeee4b71a7af5f07a4e4d286d7589171598c15be459abde6e1dc7e
Size

829KB
MD5

0a86750f84812a2f430f3de1ef2bb0e7
SHA1

8bd2c011955d0673cfeaf012624441274a74c5ff
SHA256

5623b47a2eaeee4b71a7af5f07a4e4d286d7589171598c15be459abde6e1dc7e
SHA512

345efcd3bd1a6ef7cff7a3d0fec3fa589783c243f60bf5605446e430af4ccd6268b845fb9b5635c7652bca2fafb84a98323b81af051d9ea2b07fb73c82bb15ac
SSDEEP

12288:WC1hxx5aAJLNw6lvtYWaalc/AGEXwwOSZLCcy/tPqi5vpsUPLcOjJWaq:WCJK+w6lvtYCclEXwrtqvUP42u

Score

N/A

Malware Config

Signatures

Files

5623b47a2eaeee4b71a7af5f07a4e4d286d7589171598c15be459abde6e1dc7e
.exe windows x86

aee74ce6883e812b89ed4d337b9540b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mapi32

FtMulDw@12
FEqualNames@8
MAPIAllocateBuffer@8
GetOutlookVersion@0
ScUNCFromLocalPath@12
MNLS_WideCharToMultiByte@32
FBadRestriction@4
HrSetOneProp@8
HrAddColumnsEx@20
RTFSync@12
BMAPIAddress
ScMAPIXFromSMAPI
MAPIAdminProfiles
SwapPword@8
MAPILogoff

d3dim

Direct3DCreateTexture
D3DMalloc
SurfaceFlipNotify
FlushD3DDevices
Direct3DCreateDevice
D3DRealloc
FlushD3DDevices2
PaletteUpdateNotify
Direct3DCreate
D3DFree
Direct3D_HALCleanUp
PaletteAssociateNotify

sqlunirl

_DlgDirSelectEx_@16
_PageSetupDlg_@4
_SendMessage@16
_QueryServiceConfig_@16
_CreateDesktop_@24
_CharLower@4
_ReplaceText_@4
_CreateProcessAsUser_@44
_CharToOemBuff_@12
_SendDlgItemMessage@20
_GetLogicalDriveStrings_@8
_GetWindowsDirectory_@8
_CreateFile@28
_CreateFontIndirect@4
_GetBinaryType_@8
_SHBrowseForFolder_@4
_GetProfileSection_@12
_GetServiceDisplayName_@16
_LoadMenuIndirect_@4
_ObjectPrivilegeAuditAlarm_@24
_OpenFileMapping_@12
_GetEnvironmentStrings_@4
_DefDlgProc_@16
_InitiateSystemShutdown_@20
_lstrcat_@8
_GetCommandLine_@0
_CreateScalableFontResource_@16

kernel32

QueryPerformanceCounter
EnterCriticalSection
GetFileAttributesA
FreeEnvironmentStringsW
EndUpdateResourceW
GetVolumeInformationA
AddVectoredExceptionHandler
SetConsoleMenuClose
GetVersionExW
GetBinaryType
FindNextChangeNotification
GetCurrentThread
Thread32First
RtlZeroMemory
CancelTimerQueueTimer
GetLocaleInfoW
SetFileShortNameA
QueryInformationJobObject
GetNextVDMCommand
InvalidateConsoleDIBits
SetFirmwareEnvironmentVariableA
SetPriorityClass
CreateMemoryResourceNotification
IsDBCSLeadByteEx
GetConsoleOutputCP
UnregisterConsoleIME
ExpandEnvironmentStringsA
GetNumberOfConsoleFonts
CreateJobSet
_lclose
CreateFileMappingA
SetConsoleIcon
LZClose
LoadLibraryW
ReadConsoleA
GetModuleHandleW

Sections

.text
Size: 407KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aee74ce6883e812b89ed4d337b9540b2

Headers

DLL Characteristics

File Characteristics

Imports

mapi32

d3dim

sqlunirl

kernel32

Sections

.text Size: 407KB - Virtual size: 407KB

.rdata Size: 113KB - Virtual size: 113KB

.data Size: 157KB - Virtual size: 1.5MB

.rsrc Size: 149KB - Virtual size: 148KB

.reloc Size: 1024B - Virtual size: 908B

.text
Size: 407KB - Virtual size: 407KB

.rdata
Size: 113KB - Virtual size: 113KB

.data
Size: 157KB - Virtual size: 1.5MB

.rsrc
Size: 149KB - Virtual size: 148KB

.reloc
Size: 1024B - Virtual size: 908B