91183caa3e2a562f2042f48172a4ab0f033b9713a768373956a7c270b178fd0c

Sharing

Copy URL Twitter E-mail

General

Target

91183caa3e2a562f2042f48172a4ab0f033b9713a768373956a7c270b178fd0c
Size

226KB
MD5

69fe6503ba003df7ee0e02d4247b9340
SHA1

bbe6bbd6fde7cd5d703ded76d7c9259f7b5544d6
SHA256

91183caa3e2a562f2042f48172a4ab0f033b9713a768373956a7c270b178fd0c
SHA512

4983e7a8dfab6d5f1bd6c1aead7053c0d4c6c30c60e58dd15430f4f41794cc7db254d04c54673d3c43d2e92eefda614ef622b9a691217bc9d1f89714f93cfc09
SSDEEP

6144:i/mvTF5ANS4gHJwgWEQqRH3Bo7G4aKUSYgxSoiFrXhi9Q:CIB5KS4gHJwwRxiLxyRF

Score

N/A

Malware Config

Signatures

Files

91183caa3e2a562f2042f48172a4ab0f033b9713a768373956a7c270b178fd0c
.exe windows x86

132bdcf0b93686d584a3ebb4c62bad21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

inetcomm

MimeOleParseRfc822AddressW
MimeOleSMimeCapAddSMimeCap
MimeOleInetDateToFileTime
MimeOleStripHeaders
EssReceiptRequestDecodeEx
MimeOleCreateSecurity
MimeOleGetRelatedSection
MimeEditIsSafeToRun
EssSecurityLabelDecodeEx
MimeOleGetDefaultCharset
HrSaveAttachmentAs
HrSaveAttachToFile
MimeEditCreateMimeDocument
MimeOleGetAllocator
GetDllMajorVersion
MimeOleCreateHeaderTable
DllGetClassObject
MimeOleGetFileInfoW
MimeOleFindCharset
HrGetAttachIcon
MimeOleGetCodePageInfo
MimeOleGetBodyPropW
MimeOleGenerateFileName
MimeOleCreateVirtualStream
MimeOleOpenFileStream
MimeOleGenerateCID
MimeOleGetPropertySchema

user32

SetWindowRgn
CreateWindowStationA
GetMenuItemInfoA
GetClassInfoExW
IsHungAppWindow
DdeNameService
EnableMenuItem
ReasonCodeNeedsBugID
GetDlgItemTextA

mfcsubs

?GetAssocAt@CMapStringToPtr@@IBEPAUCAssoc@1@PBGAAI@Z
?Mid@CString@@QBE?AV1@HH@Z
??YCString@@QAEABV0@G@Z
??_FCMapStringToPtr@@QAEXXZ
?AllocBuffer@CString@@IAEXH@Z
?Copy@CStringArray@@QAEXABV1@@Z
?SetAtGrow@CStringArray@@QAEXHPBG@Z
?FreeExtra@CString@@QAEXXZ
??YCString@@QAEABV0@D@Z
?SafeStrlen@CString@@KGHPBG@Z
??M@YG_NABVCString@@0@Z
?InitHashTable@CMapStringToPtr@@QAEXIH@Z
?SpanIncluding@CString@@QBE?AV1@PBG@Z
??O@YG_NPBGABVCString@@@Z
?AfxExtractSubString@@YGHAAVCString@@PBGHG@Z
?MakeUpper@CString@@QAEXXZ
??O@YG_NABVCString@@PBG@Z

kernel32

DeleteVolumeMountPointA
EnumResourceLanguagesW
GetEnvironmentVariableW
LZCreateFileW
GetCompressedFileSizeW
BuildCommDCBW
LoadLibraryA
MulDiv
ReleaseActCtx
VirtualAllocEx
OpenFileMappingA
MultiByteToWideChar
SetupComm
lstrcatA
ScrollConsoleScreenBufferW
CreateMailslotW

oleaut32

VarUI1FromUI2
SafeArrayGetIID
VarBoolFromUI1
VarI1FromUI1
VariantTimeToDosDateTime
VarBoolFromUI2
VarBstrFromUI4
VarCyFromI2
VarI8FromDec
VarBoolFromUI8
VarUI4FromDec
VarBstrCmp

msdart

?ReadOrWriteUnlock@CSpinLock@@QAEX_N@Z
?_Initialize@CLKRLinearHashTable@@AAE?AW4LK_RETCODE@@P6G?BKPBX@ZP6GKK@ZP6G_NKK@ZP6GX0H@ZPBDNK@Z
?IsWriteLocked@CLKRLinearHashTable@@QBE_NXZ
?TryReadLock@CSmallSpinLock@@QAE_NXZ
?ConvertExclusiveToShared@CSpinLock@@QAEXXZ
?_ReadLockSpin@CReaderWriterLock3@@AAEXW4SPIN_TYPE@1@@Z
?_H1@CLKRLinearHashTable@@ABEKK@Z
?_TryWriteLock2@CReaderWriterLock3@@AAE_NXZ
?Unlock@CLockedSingleList@@QAEXXZ
?TryWriteLock@CReaderWriterLock3@@QAE_NXZ
?SetDefaultSpinAdjustmentFactor@CReaderWriterLock3@@SGXN@Z
?_LockSpin@CReaderWriterLock@@AAEX_N@Z
?_InsertThisIntoGlobalList@CLKRHashTable@@AAEXXZ
?_TryWriteLock@CReaderWriterLock3@@AAE_NJ@Z
?ConvertSharedToExclusive@CCritSec@@QAEXXZ

ir50_qc

FreeInstanceData
CompressQuery
CompressBegin
DllMain
CompressFramesInfo
AllocInstanceData
SetScalability
SetCPUID
CompressEnd
Compress

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

132bdcf0b93686d584a3ebb4c62bad21

Headers

File Characteristics

Imports

inetcomm

user32

mfcsubs

kernel32

oleaut32

msdart

ir50_qc

Sections

.text Size: 151KB - Virtual size: 150KB

.rdata Size: 9KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 15KB - Virtual size: 69KB

.rsrc Size: 3KB - Virtual size: 3KB

.data Size: 41KB - Virtual size: 40KB

.text
Size: 151KB - Virtual size: 150KB

.rdata
Size: 9KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 15KB - Virtual size: 69KB

.rsrc
Size: 3KB - Virtual size: 3KB

.data
Size: 41KB - Virtual size: 40KB