26a71878528e1cbd38d8533d77350c085a6bfc62b30ce32bf3df7e4303ca4572

Sharing

Copy URL

Twitter E-mail

General

Target

26a71878528e1cbd38d8533d77350c085a6bfc62b30ce32bf3df7e4303ca4572
Size

829KB
MD5

30c15fba3400912c23430b990a6b352a
SHA1

086c631a3e5635bdeff0d656a904212b967c06b3
SHA256

26a71878528e1cbd38d8533d77350c085a6bfc62b30ce32bf3df7e4303ca4572
SHA512

ad8dd696b7b4d2b58d90bfd9ad9720fa9dbf61325a45584494488d76a2979cd61f914754c818fdcc5de7c3739658b2941ed8ee5204eb2947d4c0acd693304637
SSDEEP

24576:C+t3wU2pVRSmXofOvpITly2R/AWOuKoLqddi+xPa:CKH25Nwly2tAWKe0di+g

Score

N/A

Malware Config

Signatures

Files

26a71878528e1cbd38d8533d77350c085a6bfc62b30ce32bf3df7e4303ca4572
.exe windows x86

161d8433fdf4e816d02ef251e45cfdfa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageA
DdeGetQualityOfService
GetThreadDesktop
SetWindowTextA
GetAncestor
SetShellWindowEx
DlgDirListA
MB_GetString
ChangeDisplaySettingsA
MenuWindowProcA
RegisterDeviceNotificationW
IsCharAlphaA
InvalidateRgn
GetPropW
DrawTextW
CountClipboardFormats
GetClassWord
MessageBoxIndirectA
IsHungAppWindow
ToAsciiEx
SetCapture
TranslateMessage
EndPaint
CsrBroadcastSystemMessageExW
DdeReconnect

mprapi

MprAdminServerDisconnect
MprAdminInterfaceGetHandle
MprConfigInterfaceGetHandle
MprConfigGetFriendlyName
MprAdminUserServerDisconnect
MprAdminUpgradeUsers
MprAdminDeviceEnum
MprAdminTransportCreate
MprAdminInterfaceGetCredentialsEx
MprConfigInterfaceTransportAdd
MprConfigServerBackup
MprConfigInterfaceSetInfo
MprAdminIsDomainRasServer
MprConfigBufferFree
MprInfoBlockSet
MprAdminMIBEntryGetFirst
MprInfoDuplicate
MprAdminIsServiceRunning
MprAdminMIBBufferFree
MprConfigTransportCreate
MprInfoCreate
MprAdminInterfaceTransportGetInfo
MprAdminUserClose
MprAdminInterfaceQueryUpdateResult
MprAdminConnectionClearStats
MprConfigTransportGetHandle

mapi32

UlPropSize@4
MAPISendDocuments
cmc_send_documents
ScDupPropset@16
BMAPIResolveName
HrGetOmiProvidersFlags@8
WrapStoreEntryID@24
ScMAPIXFromCMC
MAPIInitIdle@4
InstallFilterHook@4
OpenTnefStream@28
HrDispatchNotifications@4
BMAPIFindNext
OpenIMsgSession@12
HrSetOmiProvidersFlagsInvalid
HrComposeEID@28
BuildDisplayTable@40
cmc_look_up

shell32

DragQueryFileW
OpenAs_RunDLL
StrRChrIA
ExtractIconExW
StrRChrW
SHGetSpecialFolderLocation
DuplicateIcon
SHBindToParent
SHFileOperation
OpenAs_RunDLLA
SHGetFileInfoA
SHHelpShortcuts_RunDLLW
SHBrowseForFolderA
SHCreateQueryCancelAutoPlayMoniker
StrCmpNA
SHQueryRecycleBinA
SHGetSpecialFolderPathA
Control_RunDLLW
ExtractIconExA
SHSetUnreadMailCountW
SheChangeDirA
SHEmptyRecycleBinA
Shell_NotifyIcon
Options_RunDLL
SHInvokePrinterCommandW
SHGetFolderPathW
InternalExtractIconListW
Options_RunDLLW

kernel32

GlobalDeleteAtom
DebugActiveProcess
DeleteCriticalSection
LoadLibraryW
SetConsoleCursorPosition
SetCommMask
GetModuleHandleA
LocalAlloc
GetLocaleInfoA
GlobalUnWire
VDMOperationStarted
EnterCriticalSection
GetLongPathNameA
SetClientTimeZoneInformation
EnumResourceLanguagesW
AddConsoleAliasA
DeleteFiber
GetCurrentThread
GetSystemDirectoryW
FindResourceA
GetUserGeoID
GetFileSize
ConnectNamedPipe
MapViewOfFileEx
AllocConsole
GetNumberOfConsoleFonts
CreateNamedPipeW
GetConsoleAliasExesA
LoadLibraryExA
InterlockedFlushSList
SetConsoleCursor
RemoveLocalAlternateComputerNameA
GetFileAttributesA
OpenEventA
VirtualLock
InterlockedPushEntrySList
FindActCtxSectionStringW
ReplaceFileW
LZCopy
GetComputerNameW
RemoveDirectoryA
WaitNamedPipeA
QueryPerformanceCounter
GetConsoleCP
GetProfileStringW
SetTimerQueueTimer
GetCurrentDirectoryW
EnumTimeFormatsW
ExpungeConsoleCommandHistoryA
GetNumberOfConsoleMouseButtons
IsBadStringPtrW
GetConsoleCursorMode
TzSpecificLocalTimeToSystemTime
OpenJobObjectA
AddVectoredExceptionHandler
VirtualAllocEx

Sections

.text
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

161d8433fdf4e816d02ef251e45cfdfa

Headers

DLL Characteristics

File Characteristics

Imports

user32

mprapi

mapi32

shell32

kernel32

Sections

.text Size: 393KB - Virtual size: 393KB

.rdata Size: 146KB - Virtual size: 146KB

.data Size: 157KB - Virtual size: 1.5MB

.rsrc Size: 130KB - Virtual size: 129KB

.reloc Size: 1024B - Virtual size: 924B

.text
Size: 393KB - Virtual size: 393KB

.rdata
Size: 146KB - Virtual size: 146KB

.data
Size: 157KB - Virtual size: 1.5MB

.rsrc
Size: 130KB - Virtual size: 129KB

.reloc
Size: 1024B - Virtual size: 924B