6631cb01fdc26a413aed2024c8c7d516d4fdb0f7829f12367a776eb2a3f124dd

Sharing

Copy URL

Twitter E-mail

General

Target

6631cb01fdc26a413aed2024c8c7d516d4fdb0f7829f12367a776eb2a3f124dd
Size

5.7MB
MD5

ed644cc9fad09c2f9eaedf4ad4cd266c
SHA1

2ea0efebea734c46f448002d1d144fdd7175ca7b
SHA256

6631cb01fdc26a413aed2024c8c7d516d4fdb0f7829f12367a776eb2a3f124dd
SHA512

16e176614ee97c3056177769965d965915616d217070b17d2aa58c7a669d6f224e70be193c97df7d3859604dec1c7ce19d864fe158b6147068b2837db9b2024b
SSDEEP

98304:W2ko/N+3tUaiYPD8To7Q8ShB3fQxIb7YlpA6LVFUBoHgcy+SLnt:WzoOawTs3fQqb7GpA6hFUBoQ

Score

N/A

Malware Config

Signatures

Files

6631cb01fdc26a413aed2024c8c7d516d4fdb0f7829f12367a776eb2a3f124dd
.rar
dictionaryE/ARABIC
dictionaryE/ARB.TXT
dictionaryE/ARBSPELL.ALL
dictionaryE/A_NOISY.DCN
dictionaryE/DIC32.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 696KB - Virtual size: 696KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dictionaryE/DIC32.rar
.rar
dictionaryE/DICT2.INI
dictionaryE/DIC_MMMP.DLL
.dll windows x86

60611e1cbf22a930e680f6a9211ed8a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
_lclose
GlobalLock
GlobalAlloc
OpenFile
GlobalFree
GlobalUnlock
_lread
_llseek
FatalAppExitA
_hread
WideCharToMultiByte
GetEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapCreate
HeapDestroy
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetModuleFileNameA
GetCPInfo
GetACP
lstrlenA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
WriteFile
GetStringTypeA
GetStringTypeW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
DebugBreak
InterlockedDecrement
OutputDebugStringA
LoadLibraryA
InterlockedIncrement
HeapFree
RtlUnwind
SetFilePointer
FlushFileBuffers
SetStdHandle
CloseHandle
GetLocaleInfoW
GetLocaleInfoA
LCMapStringA
LCMapStringW

user32

GetFocus
MessageBoxA

Exports

Exports

ARB_check_word
ARB_suggest_word
CheckAffxApp
MMMP_main
NEW_ARB_check_word
NEW_ARB_suggest_word
WEP
cls_arb_speller
init_arb_speller
stand_alone_synth

Sections

.text
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dictionaryE/ENG.TXT
dictionaryE/ENGLISH
dictionaryE/E_NOISY.DCN
dictionaryE/GCDLLW32.DLL
.dll windows x86

89ae8b6f8029cd6a03e9ad9bf769485e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
_lclose
_llseek
_lopen
_hread
_lread
_hwrite
_lwrite
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LocalAlloc
GetCPInfo
GetOEMCP
GetEnvironmentStrings
GetCommandLineA
GetVersion
GetLocalTime
GetLastError
_lcreat
ExitProcess
VirtualFree
VirtualAlloc
GetModuleFileNameA
GetACP
SetEnvironmentVariableA
GetFileAttributesA
GetStdHandle
GetFileType
GetStartupInfoA
WriteFile
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
LoadLibraryA
GetTimeZoneInformation

user32

wsprintfA

Exports

Exports

GCS
Gcorect
Gdesc
Gdocstat
Ginit
Gmessage
Gpdusr
Gprofile
Gterm

Sections

.text
Size: 595KB - Virtual size: 595KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 207B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dictionaryE/GEN3MEN0.DAT
dictionaryE/GENPFEN0.DAT
dictionaryE/GROUP.ENG
dictionaryE/IMP_SYN.MAP
dictionaryE/LEXENTRY.FRQ
dictionaryE/MAPFILES.ALL
dictionaryE/MMMPAAAL.ALL
dictionaryE/NON.TXT
dictionaryE/PPR_SYN.MAP
dictionaryE/PRS_SYN.MAP
dictionaryE/PST_SYN.MAP
dictionaryE/QBPL_SYN.MAP
dictionaryE/QIMP_SYN.MAP
dictionaryE/QPPR_SYN.MAP
dictionaryE/QPRS_SYN.MAP
dictionaryE/QPST_SYN.MAP
dictionaryE/ROOTMP.TXT
dictionaryE/SKRDIC1.DLL
.dll windows x86

cb91557ec0eb2970b2b1081c6f7617a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
lstrlenA
FreeLibrary
GlobalFree
GlobalUnlock
GetPrivateProfileStringA
GetProcAddress
GlobalLock
GlobalAlloc
_llseek
_hread
OpenFile
lstrcatA
lstrcpyA
GetWindowsDirectoryA
FatalAppExitA
CloseHandle
SetFilePointer
ReadFile
_hwrite
_lclose
GetCommandLineA
LCMapStringW
WideCharToMultiByte
GetLocaleInfoW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
VirtualAlloc
SetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetLastError
DeleteFileA
CreateFileA
GetModuleHandleA
GetVersion
SetEndOfFile
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
HeapFree
WriteFile
MultiByteToWideChar
LCMapStringA
GetModuleFileNameA
TlsGetValue
HeapAlloc
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
VirtualFree
HeapDestroy
HeapCreate
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA

user32

IsCharAlphaA
MessageBoxA
DrawTextA
InflateRect
CopyRect
FillRect
SendMessageA
LoadCursorA
SetCursor
GetSysColor
SetTimer
SetWindowTextA
DialogBoxParamA
KillTimer
GetDlgItemTextA
EnableWindow
EndDialog
SetDlgItemTextA
GetDlgItem
SendDlgItemMessageA

gdi32

SetTextColor
SetBkColor
GetStockObject
SetBkMode
DeleteObject
CreateSolidBrush

lz32

LZOpenFileA
LZCopy
LZClose

Exports

Exports

CallDictDialog
EnterWordFn
FreeDict
InitDict
Translate

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dictionaryE/STEMG.DAT
dictionaryE/SYN_GRP.ARB
dictionaryE/TBPL_SYN.MAP

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 696KB - Virtual size: 696KB

.rsrc Size: 68KB - Virtual size: 68KB

.reloc Size: 512B - Virtual size: 12B

60611e1cbf22a930e680f6a9211ed8a9

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 209KB - Virtual size: 209KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 31KB

.idata Size: 2KB - Virtual size: 1KB

.reloc Size: 19KB - Virtual size: 18KB

89ae8b6f8029cd6a03e9ad9bf769485e

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 595KB - Virtual size: 595KB

.bss Size: - Virtual size: 5KB

.rdata Size: 512B - Virtual size: 312B

.data Size: 13KB - Virtual size: 13KB

.idata Size: 1024B - Virtual size: 1012B

.edata Size: 512B - Virtual size: 207B

.reloc Size: 35KB - Virtual size: 35KB

cb91557ec0eb2970b2b1081c6f7617a9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

lz32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 11KB - Virtual size: 190KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 696KB - Virtual size: 696KB

.rsrc
Size: 68KB - Virtual size: 68KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 209KB - Virtual size: 209KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 31KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 19KB - Virtual size: 18KB

.text
Size: 595KB - Virtual size: 595KB

.bss
Size: - Virtual size: 5KB

.rdata
Size: 512B - Virtual size: 312B

.data
Size: 13KB - Virtual size: 13KB

.idata
Size: 1024B - Virtual size: 1012B

.edata
Size: 512B - Virtual size: 207B

.reloc
Size: 35KB - Virtual size: 35KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 11KB - Virtual size: 190KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB