38e2f0c9913812517a4fa41a0714fff4e8a9836099e3f1b15e1804d490039547

Sharing

Copy URL Twitter E-mail

General

Target

38e2f0c9913812517a4fa41a0714fff4e8a9836099e3f1b15e1804d490039547
Size

896KB
MD5

2e337b2b2bd5f291e8751b2d9313c2e4
SHA1

bcfc5863a90218ac1b965b6067a73b3f1f2f87e2
SHA256

38e2f0c9913812517a4fa41a0714fff4e8a9836099e3f1b15e1804d490039547
SHA512

99cd02d092a10f34450f2a5f3236468843b0d3deed9ca498aeeb2bba0d635bdf2da502c3743766eff057dab5d1447220725a884aa5d966ba1258d27edf31bd90
SSDEEP

12288:Wd0wDjBf9udmNTprOaUPjbXrS6wDks0HBxc1Ce8mKep3OTi93JEzyx:UluoprOa6j60HB21Ceeep33LEzyx

Score

N/A

Malware Config

Signatures

Files

38e2f0c9913812517a4fa41a0714fff4e8a9836099e3f1b15e1804d490039547
.dll windows x86

b443dc4f2cc86e99de0993e757291cce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
HeapAlloc
HeapFree
HeapReAlloc
VirtualAlloc
GetCommandLineA
GetProcessHeap
RtlUnwind
ExitProcess
RaiseException
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
GetFileType
GetCPInfo
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GlobalGetAtomNameA
GlobalFindAtomA
SetConsoleMode
ReadConsoleInputA
GetDriveTypeA
FlushConsoleInputBuffer
GlobalMemoryStatus
lstrcmpW
GetVersionExA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
GetThreadLocale
FlushFileBuffers
InterlockedIncrement
GlobalFlags
GetCurrentDirectoryA
WritePrivateProfileStringA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GlobalAddAtomA
GlobalFree
GlobalUnlock
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
GlobalLock
lstrcmpA
GlobalAlloc
GlobalDeleteAtom
GetModuleHandleA
GetVersion
CompareStringA
InterlockedExchange
MultiByteToWideChar
CompareStringW
WaitForSingleObject
SetLastError
WriteFile
SetEndOfFile
SetFilePointer
GetLocalTime
GetTimeZoneInformation
ReadFile
CloseHandle
GetFileSize
CreateFileA
GetLastError
LocalFree
FormatMessageA
lstrlenA
FindResourceA
LoadResource
EnterCriticalSection
LockResource
SizeofResource
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryA
Sleep
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetStartupInfoA

user32

SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetSysColor
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowTextA
SetWindowTextA
GetMessageTime
UnhookWindowsHookEx
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetProcessWindowStation
GetUserObjectInformationW
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MapWindowPoints
GetClassNameA
GetMessagePos
PostQuitMessage
PostMessageA
DispatchMessageA
PeekMessageA
EnableWindow
MessageBoxA
GetTopWindow
GetDlgItem
GetForegroundWindow
IsWindow
RemovePropA
GetPropA
DestroyMenu
LoadCursorA
GetSysColorBrush
ShowWindow
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
UnregisterClassA
SetPropA
DestroyWindow

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateBitmap
GetDeviceCaps

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegisterEventSourceA
DeregisterEventSource
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CryptHashData
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
ReportEventA

shlwapi

PathFindExtensionA
PathFindFileNameA

ws2_32

WSAGetLastError
gethostname
bind
htons
inet_addr
gethostbyname
WSAStartup
WSACleanup
WSASetLastError
select
socket
shutdown
send
recv
connect
closesocket
htonl

oleaut32

VariantClear
VariantChangeType
VariantInit

rpcrt4

UuidCreate
RpcStringFreeA
UuidToStringA

Exports

Exports

??0CSmtpClient@@QAE@ABV0@@Z
??0CSmtpClient@@QAE@QBD0000000HH@Z
??0CSmtpClient@@QAE@XZ
??1CSmtpClient@@QAE@XZ
??4CSmtpClient@@QAEAAV0@ABV0@@Z
?SendMail@CSmtpClient@@QAEHQBD0000000HH@Z
?SendMail@CSmtpClient@@QAEHXZ
GetNewInf

Sections

.text
Size: 580KB - Virtual size: 579KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b443dc4f2cc86e99de0993e757291cce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

ws2_32

oleaut32

rpcrt4

Exports

Exports

Sections

.text Size: 580KB - Virtual size: 579KB

.rdata Size: 168KB - Virtual size: 167KB

.data Size: 68KB - Virtual size: 89KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 56KB - Virtual size: 55KB

.text
Size: 580KB - Virtual size: 579KB

.rdata
Size: 168KB - Virtual size: 167KB

.data
Size: 68KB - Virtual size: 89KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 56KB - Virtual size: 55KB