4e741c73400445d54a8a50e9795e6325d533925c044317498bf42a3bf7e4ca2b

Sharing

Copy URL Twitter E-mail

General

Target

4e741c73400445d54a8a50e9795e6325d533925c044317498bf42a3bf7e4ca2b
Size

332KB
MD5

a2a5500bb6a26263882265f2f85eaea0
SHA1

1af363d5c12f8532eb1c54921a1fe45c255fbc47
SHA256

4e741c73400445d54a8a50e9795e6325d533925c044317498bf42a3bf7e4ca2b
SHA512

b8206a051cb642cdb86ba9859b16f357450a80d872cab5340f371947d8183d37fd5570c16cc68b3fdc2470c6b3354c63338728aa1a925bcc814edc926d4ad318
SSDEEP

6144:n43WRvuY1gbGn6Aj4YLcQ5ugmZyLRsZmUBMpvBcP3O/icl:n4GRWY1r6AcYLTugmQwmfBj

Score

N/A

Malware Config

Signatures

Files

4e741c73400445d54a8a50e9795e6325d533925c044317498bf42a3bf7e4ca2b
.exe windows x86

223d4346414ed6ed8e2a6305c4640d6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

OemToCharW
DdeAddData
TranslateAcceleratorW
AdjustWindowRect
wvsprintfW
IsWindowVisible
EndTask
UpdateLayeredWindow
CascadeWindows
RealGetWindowClassA
GetWindowContextHelpId
CountClipboardFormats
CreateDialogIndirectParamW
SetWindowPlacement
SendNotifyMessageW
EnumPropsA
WINNLSGetEnableStatus
GetMenuItemRect
ReplyMessage
GetKeyboardLayoutNameW
CloseWindow
FindWindowExA
GetKeyboardState

kernel32

VirtualFreeEx
GetEnvironmentStrings
LoadLibraryA
InitializeCriticalSection
GetModuleFileNameW
ReplaceFile
FindFirstVolumeW
GetSystemWindowsDirectoryA
VirtualLock
CancelTimerQueueTimer
HeapAlloc
VirtualAlloc
BackupRead
GetConsoleCommandHistoryLengthW
GetModuleHandleW
WritePrivateProfileSectionA
LZCopy
HeapCreate
WritePrivateProfileStringW
GetSystemTime
GetFullPathNameW
SetTimerQueueTimer
GetLocalTime

ntdll

RtlInitCodePageTable
RtlCheckRegistryKey
wcsrchr
strncpy
NtQueryIntervalProfile
CsrFreeCaptureBuffer
RtlGetControlSecurityDescriptor
ZwSaveMergedKeys
ZwClearEvent
RtlNumberOfSetBits
RtlDnsHostNameToComputerName
DbgUiConnectToDbg
RtlQueryInformationAcl
ZwDeleteKey
ZwSetDefaultUILanguage
ZwQuerySystemTime
ZwSetEaFile
RtlNumberGenericTableElementsAvl
NtTerminateJobObject
RtlLengthSecurityDescriptor
wcslen
ZwQueryFullAttributesFile

adsldpc

ADsSetLastError
LdapRenameExtS
LdapGetSchemaObjectCount
ADsEnumClasses
MapLDAPTypeToADSType
LdapAddExtS
ADsGetColumn
ReadServerSupportsIsADControl
LdapSearchInitPage
AdsTypeFreeAdsObjects
FreeADsMem
LdapAddS
BuildADsPathFromParent
ADsWriteAttributeDefinition
?SetExclaimnationDisabler@CLexer@@QAEXH@Z
GetDisplayName
ADSIGetNextColumnName
BuildADsPathFromLDAPPath2
InitObjectInfo
LdapTypeToAdsTypeGeneralizedTime
ADSIGetPreviousRow
ADsEnumAttributes
LdapGetValuesLen
ADsCreateAttributeDefinition
ADSIDeleteDSObject

mapi32

cmc_logoff
InstallFilterHook@4
CchOfEncoding@4
FBadRestriction@4
LAUNCHWIZARD
MAPIOpenFormMgr@8
SwapPword@8
FBadRow@4
FtMulDw@12
UlPropSize@4
LaunchWizard@20
MAPIAllocateBuffer
MAPISaveMail
MAPIReadMail
OpenStreamOnFile
DeregisterIdleRoutine@4
cmc_read
ChangeIdleRoutine@28
HrSetOneProp@8
FBinFromHex@8
ScBinFromHexBounded@12
FBadSortOrderSet@4
GetAttribIMsgOnIStg@12
MAPILogon
FBadPropTag@4
OpenIMsgOnIStg@44
cmc_list
DeinitMapiUtil@0
MAPIOpenLocalFormContainer@4
FPropContainsProp@12
WrapStoreEntryID@24
MAPIUninitialize@0
MAPIGetDefaultMalloc@0
MAPILogoff
HrAddColumnsEx@20
MAPIInitialize
__ValidateParameters@8
PpropFindProp@12
GetTnefStreamCodepage
BMAPIDetails
LPropCompareProp@8
OpenTnefStreamEx@32
HrGetOmiProvidersFlags@8
ScMAPIXFromCMC

Sections

.text
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

223d4346414ed6ed8e2a6305c4640d6e

Headers

File Characteristics

Imports

user32

kernel32

ntdll

adsldpc

mapi32

Sections

.text Size: 269KB - Virtual size: 268KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 5KB - Virtual size: 393KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 269KB - Virtual size: 268KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 5KB - Virtual size: 393KB

.rsrc
Size: 18KB - Virtual size: 18KB