f0968dda6b1b164253254875b301efe61189c6246d93d9d44ce28a2625ea9870

Sharing

Copy URL Twitter E-mail

General

Target

f0968dda6b1b164253254875b301efe61189c6246d93d9d44ce28a2625ea9870
Size

421KB
MD5

9f40bc7775775a02d09b72bb93cd78d3
SHA1

00910ae9c9a0fbba60459a4b8a0f512953de0a13
SHA256

f0968dda6b1b164253254875b301efe61189c6246d93d9d44ce28a2625ea9870
SHA512

691643feee5761b433fe8f79364cd5118ebef54c58549fc07e93c5499def92234493ddda8db7e3c9fd69f936547c30044041928d2a7eb401824701bce68069d4
SSDEEP

12288:gnRwd8y+2thw/sEjGO+5WlQEqp3rRMh5eHL37UWGPSd:KRC8rrsEjGOKEebRMzeTGP

Score

N/A

Malware Config

Signatures

Files

f0968dda6b1b164253254875b301efe61189c6246d93d9d44ce28a2625ea9870
.exe windows x86

60518364749b5059d118cf05fd2aa7c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprAdminMIBServerConnect
MprAdminMIBServerDisconnect
MprAdminPortClearStats
MprAdminPortDisconnect
MprAdminPortEnum
MprAdminPortGetInfo
MprAdminPortReset
MprAdminSendUserMessage
MprAdminServerConnect
MprAdminServerDisconnect
MprAdminServerGetCredentials
MprAdminServerGetInfo
MprAdminServerSetCredentials
MprAdminTransportCreate
MprAdminTransportGetInfo
MprAdminTransportSetInfo
MprAdminUpgradeUsers
MprAdminUserClose
MprAdminUserGetInfo
MprAdminUserOpen
MprAdminUserRead
MprAdminUserSetInfo
MprAdminUserWrite
MprAdminUserWriteProfFlags
MprConfigBufferFree
MprConfigGetFriendlyName
MprConfigGetGuidName
MprConfigInterfaceCreate
MprConfigInterfaceDelete
MprConfigInterfaceEnum
MprConfigInterfaceGetHandle

kernel32

GetSystemTime
GetACP
GetSystemDirectoryA
GetVersionExA
PeekConsoleInputW
EnumCalendarInfoA
CallNamedPipeW
_lread
_lopen

mapi32

MAPIFindNext
MAPILogonEx
MAPIReadMail
MAPIUninitialize
MAPIFreeBuffer
OpenStreamOnFile
MAPISendDocuments
MAPIResolveName

msvcrt

fopen
fread

certcli

CAAccessCheck
CAAccessCheckEx
CAAddCACertificateType
CACertTypeAccessCheck
CACertTypeAccessCheckEx
CACertTypeGetSecurity
CACertTypeQuery
CACertTypeRegisterQuery
CACertTypeSetSecurity
CACertTypeUnregisterQuery
CACloneCertType
CAAccessCheck
CAAccessCheckEx
CAAddCACertificateType
CACertTypeAccessCheck
CACertTypeAccessCheckEx
CACertTypeGetSecurity
CACertTypeQuery
CACertTypeRegisterQuery
CACertTypeSetSecurity
CACertTypeUnregisterQuery
CACloneCertType

Sections

.code
Size: 1KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA
Size: 11KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 407KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

60518364749b5059d118cf05fd2aa7c9

Headers

File Characteristics

Imports

mprapi

kernel32

mapi32

msvcrt

certcli

Sections

.code Size: 1KB - Virtual size: 18KB

.DATA Size: 11KB - Virtual size: 80KB

.rsrc Size: 407KB - Virtual size: 408KB

.data Size: 512B - Virtual size: 512B

.code
Size: 1KB - Virtual size: 18KB

.DATA
Size: 11KB - Virtual size: 80KB

.rsrc
Size: 407KB - Virtual size: 408KB

.data
Size: 512B - Virtual size: 512B