a99c2aa40209a941b193ffec0f7959bd808c43ecffe53f679b98cc6df558f002

Sharing

Copy URL Twitter E-mail

General

Target

a99c2aa40209a941b193ffec0f7959bd808c43ecffe53f679b98cc6df558f002
Size

137KB
MD5

43c48bb186340b7c55faee4d7cb5c6c9
SHA1

5e302a4f7d610823f4d5e4ee4d8d898ffb8889da
SHA256

a99c2aa40209a941b193ffec0f7959bd808c43ecffe53f679b98cc6df558f002
SHA512

d38f35bdc18e1061476e073be8f27b61e66de51abde463e2d5f26aa44671b2b13ee26161e50de036624c81c2c0ef3919055ccdbb0366fc6e1dcaa81bd92282af
SSDEEP

3072:UvYX1hY1EyHuyne7eIPH6DcWQ3ZGn0GeppesMVzUs/bSSfoENH:FXUkv6AhMep4vGS

Score

N/A

Malware Config

Signatures

Files

a99c2aa40209a941b193ffec0f7959bd808c43ecffe53f679b98cc6df558f002
.exe windows x86

8a3d881306f225610792fbda066bd1db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

ClusterGroupControl
OpenClusterNetwork
OpenClusterNetInterface
GetClusterNetInterfaceKey
CloseClusterNetwork
EvictClusterNode
CloseCluster
ClusterNetworkCloseEnum
GetClusterFromNode
GetClusterNetInterface
FailClusterResource
OpenClusterResource
CanResourceBeDependent
ClusterGroupCloseEnum
SetClusterResourceName
CloseClusterGroup
EvictClusterNodeEx
ClusterNetworkOpenEnum
GetClusterFromNetwork
ClusterResourceTypeEnum
AddClusterResourceNode
ClusterResourceEnum
CreateClusterGroup
ClusterResourceOpenEnum
ClusterRegQueryValue
CloseClusterNotifyPort
ClusterRegDeleteValue
OpenCluster
OnlineClusterGroup
CloseClusterNetInterface
ClusterEnum
ClusterNetworkEnum
CloseClusterResource
RemoveClusterResourceNode
CreateClusterResourceType
GetClusterQuorumResource
SetClusterGroupName
ClusterRegSetKeySecurity
ClusterResourceTypeControl
ClusterRegSetValue
ClusterRegQueryInfoKey
ClusterNetworkGetEnumCount
GetClusterNetworkState
GetClusterInformation
ClusterResourceTypeOpenEnum

mapi32

ScMAPIXFromSMAPI
ScRelocProps@20
HrAddColumnsEx@20
MAPIAdminProfiles
UlFromSzHex@4
OpenTnefStreamEx@32
OpenTnefStream@28
MAPIAllocateMore
MAPIFreeBuffer
ScMAPIXFromCMC
FBinFromHex@8
MAPIDetails
BMAPISendMail
ScRelocNotifications@20
MAPIInitialize
FBadEntryList@4
HrIStorageFromStream@16
MNLS_CompareStringW@24
cmc_query_configuration
BuildDisplayTable@40
MNLS_lstrcpyW@8
UFromSz@4
WrapCompressedRTFStream
WrapCompressedRTFStream@12
DllGetClassObject
PpropFindProp@12
FEqualNames@8
HrSetOmiProvidersFlagsInvalid
GetOutlookVersion@0
MAPIResolveName
cmc_logon
HrComposeEID@28
FBadRglpszW@8
FtSubFt@16
cmc_act_on
FtgRegisterIdleRoutine@20
ScCopyProps@16
ScLocalPathFromUNC@12

kernel32

GetTickCount
FindVolumeMountPointClose
GetNamedPipeHandleStateA
DeleteFileA
ResetWriteWatch
HeapFree
CreateTimerQueue
TransactNamedPipe
VirtualAlloc
EnumCalendarInfoExA
CreateEventW
DeviceIoControl
LoadLibraryA
EnumDateFormatsExW
FindFirstChangeNotificationW
VirtualLock
DebugActiveProcessStop
GetProcessAffinityMask
ConvertThreadToFiber
GetFullPathNameA
FreeUserPhysicalPages
MoveFileExW
lstrcmpA
EnumCalendarInfoA
ReadFileEx
LZInit
GetStartupInfoW
_hwrite
GetCompressedFileSizeW
GetConsoleFontSize
MoveFileExA
SetFileShortNameW
EnumTimeFormatsA
EnumCalendarInfoExW
PurgeComm
GetWindowsDirectoryA
CommConfigDialogW
GlobalCompact
SystemTimeToFileTime
ExpungeConsoleCommandHistoryA
GetPrivateProfileStructA
EnumLanguageGroupLocalesA
LocalAlloc
GetDriveTypeW
LZCreateFileW
HeapCompact
OpenProfileUserMapping

mapistub

BMAPIGetAddress
ScCreateConversationIndex@16
MNLS_CompareStringW@24
BMAPISaveMail
CchOfEncoding@4
HrGetOneProp@12
MAPIUninitialize
MAPIAdminProfiles
MAPIDeinitIdle@0
FtMulDw@12
FtSubFt@16
ScInitMapiUtil@4
HrSetOmiProvidersFlagsInvalid@4
MAPIInitialize@4
MNLS_MultiByteToWideChar@24
cmc_look_up
BMAPIFindNext
HrQueryAllRows@24
MAPILogonEx@20
BMAPIResolveName
OpenTnefStreamEx
BMAPIDetails
HrDispatchNotifications@4
UNKOBJ_ScAllocateMore@16
ScDupPropset@16
HrAddColumnsEx@20
MAPIAllocateMore@12
FDecodeID@12
GetAttribIMsgOnIStg@12
FBadRglpszA@8
HrAddColumns@16
MAPILogonEx
MAPIInitialize
LAUNCHWIZARD
FtMulDwDw@8
HrEntryIDFromSz@12
UNKOBJ_ScCOAllocate@12
OpenTnefStream@28
GetTnefStreamCodepage@12

ntdll

RtlAllocateAndInitializeSid
NtReadVirtualMemory
RtlxUnicodeStringToAnsiSize
ZwReplyWaitReplyPort
RtlReleasePebLock
NtSetInformationKey
NtResumeThread
_lfind
ZwNotifyChangeDirectoryFile
ZwFlushKey
ZwQueryQuotaInformationFile
NtReplaceKey
RtlAdjustPrivilege
ZwEnumerateBootEntries
ZwGetDevicePowerState
RtlAppendAsciizToString
RtlResetRtlTranslations
ZwOpenKeyedEvent
NtRemoveIoCompletion
RtlGetCompressionWorkSpaceSize
NtDeleteKey
NtIsProcessInJob
RtlAddVectoredExceptionHandler
RtlIpv4AddressToStringW
NtResetWriteWatch
NtQueryValueKey
ZwQueryDefaultLocale
NtQueryAttributesFile
iswdigit
ZwSuspendThread
ZwSetLowEventPair
RtlGetFullPathName_U
RtlFirstFreeAce
RtlSetHeapInformation

opengl32

glTexCoord2dv
glFogiv
glColorMask
glTranslated
glColor4b
glColor4ui
glTexCoord1iv
glIndexi
glArrayElement
glOrtho
glPushAttrib
glTexGenf
glLightModelfv
wglShareLists
glLogicOp
glRasterPos3sv
glColor3d
glIndexf
glMapGrid2d
wglSetPixelFormat
glVertex3fv
glTexCoord2iv
glPixelMapusv
wglUseFontBitmapsW
glPolygonMode

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a3d881306f225610792fbda066bd1db

Headers

DLL Characteristics

File Characteristics

Imports

clusapi

mapi32

kernel32

mapistub

ntdll

opengl32

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 146KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 204B

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 146KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 204B