7cdbde47719765dfaf630ba5216d0b9b324b07e6e0a885f68b8dc9b2fdf195b8

Sharing

Copy URL Twitter E-mail

General

Target

7cdbde47719765dfaf630ba5216d0b9b324b07e6e0a885f68b8dc9b2fdf195b8
Size

51KB
MD5

c51e273f91387609b6126ddbb589767d
SHA1

78e9d978cec24d570050740dd660b29d61bc1ca4
SHA256

7cdbde47719765dfaf630ba5216d0b9b324b07e6e0a885f68b8dc9b2fdf195b8
SHA512

02cde8b1793ccfddc88d1d3efb75bda1fc5a1b42123b68a97846d16ce1edeebe609d18fb5243e66bef2390201036475b5a63566d652de95f97ae81bea87b2eb2
SSDEEP

1536:mL/VnWkD1YsU/oMT17C7gE3uagPUwEAYkGXnaOKNg:mL/VWkDhU/okE3tgswvzGXaOKN

Score

N/A

Malware Config

Signatures

Files

7cdbde47719765dfaf630ba5216d0b9b324b07e6e0a885f68b8dc9b2fdf195b8
.exe windows x86

6c4a85d214883fb8dbe6310baa4e5b8e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
ReadFile
HeapSummary
SetLocalPrimaryComputerNameA
Beep
CancelWaitableTimer
DeleteFiber
CopyFileExW
HeapLock
EndUpdateResourceA
GetSystemWow64DirectoryA
GetComputerNameW
UpdateResourceW
GetOEMCP
ReadDirectoryChangesW
Module32Next
LoadLibraryA
QueryPerformanceFrequency
SetConsoleHardwareState
DeleteVolumeMountPointA
GetTickCount
WriteConsoleInputA
GetTimeZoneInformation
VirtualAlloc
WriteFileEx
HeapCreate
SetComputerNameExA
lstrcatA
VDMConsoleOperation
GetCurrentProcess
GetProcessShutdownParameters
TlsGetValue
SearchPathA
VerLanguageNameA
FillConsoleOutputAttribute
GetLocaleInfoA

ws2_32

WSAStringToAddressW
WSAProviderConfigChange
WSADuplicateSocketW
gethostname
WSACancelBlockingCall
WSAEnumNetworkEvents
recv
WSAEnumNameSpaceProvidersA
WSAHtonl
WSASend
WSCGetProviderPath
closesocket
WSASetBlockingHook
WSCEnableNSProvider
WSCUnInstallNameSpace
WSAEnumProtocolsA
getsockname
WSALookupServiceBeginW
WSAAsyncGetServByPort
WSCWriteNameSpaceOrder
WSASendTo
WSAStartup
WSANSPIoctl
WSACloseEvent
WSANtohl
WPUCompleteOverlappedRequest
WSAHtons
inet_addr
WSAIsBlocking
WSAWaitForMultipleEvents

msvcrt

wcscspn
_fullpath
_outpd
__set_app_type
strcmp
tmpfile
__p__commode
_sys_errlist
is_wctype
_mbschr
_fputwchar
exit
_execve
__getmainargs
_umask
_purecall
wcstok
_getmbcp
_i64toa
_searchenv
_findfirsti64
_osver
remove
_pctype
fflush
islower
_mbscpy
_execv
_open
__threadhandle
vwprintf

cmdial32

RasCustomHangUp
RasCustomDialDlg
RasCustomDial
RasCustomEntryDlg
CmCustomDialDlg
CmCustomHangUp
RasCustomDeleteEntryNotify
_AutoDialFunc@16
CmReConnect
AutoDialFunc
InetDialHandler
_InetDialHandler@16

cfgmgr32

CM_Disable_DevNode_Ex
CM_Enumerate_Classes
CM_Query_Remove_SubTree_Ex
CM_Get_Class_Name_ExA
CM_Query_Arbitrator_Free_Data_Ex
CM_Get_Next_Log_Conf
CM_Query_And_Remove_SubTreeA
CM_Test_Range_Available
CM_Add_ID_ExW
CM_Set_HW_Prof_Ex
CM_Get_Resource_Conflict_Count
CM_Get_Device_ID_ListW
CM_Is_Dock_Station_Present_Ex
CM_Get_Device_Interface_ListW
CM_Unregister_Device_InterfaceW
CM_Get_Next_Log_Conf_Ex
CM_Connect_MachineA
CM_Modify_Res_Des_Ex
CM_Query_And_Remove_SubTree_ExW
CM_Get_Device_ID_ExA
CM_Register_Device_InterfaceA
CM_Dup_Range_List
CM_Get_DevNode_Status
CM_Remove_SubTree
CM_Get_Class_NameA
CM_Disable_DevNode
CM_Move_DevNode_Ex
CM_Get_Device_Interface_AliasA
CM_Enumerate_EnumeratorsW
CM_Reenumerate_DevNode
CM_Create_DevNode_ExA
CM_Get_Class_Name_ExW
CM_Add_Range
CM_Get_Log_Conf_Priority
CM_Enable_DevNode

user32

EndDialog
MessageBoxW

mapi32

LAUNCHWIZARD
FBadPropTag@4
MAPIReadMail
MAPIFreeBuffer
HrDecomposeEID@28
HrAddColumnsEx@20
MAPIAddress
InstallFilterHook@4
ScGenerateMuid@4
ScCopyProps@16
ScDupPropset@16
OpenIMsgSession@12
UNKOBJ_ScSzFromIdsAlloc@20
CreateIProp@24
MAPILogon
BMAPIResolveName
ScRelocNotifications@20
HrSzFromEntryID@12
MAPIOpenLocalFormContainer@4
SwapPlong@8
ScCreateConversationIndex@16
cmc_send
cmc_list
UFromSz@4
cmc_logon
MAPIGetDefaultMalloc@0
MAPISendMail
LaunchWizard@20
cmc_act_on

shell32

SHGetMalloc

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c4a85d214883fb8dbe6310baa4e5b8e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

msvcrt

cmdial32

cfgmgr32

user32

mapi32

shell32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 8KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB