805584f8d2bd80023c4d9e3741098d9cdf34733be8a8aceb1218ba2f754a440d

Sharing

Copy URL Twitter E-mail

General

Target

805584f8d2bd80023c4d9e3741098d9cdf34733be8a8aceb1218ba2f754a440d
Size

48KB
MD5

8386f939c703bbf3f57a8e873d435db5
SHA1

d0b9a8707ce70d712c70a30b62728cb794ee986c
SHA256

805584f8d2bd80023c4d9e3741098d9cdf34733be8a8aceb1218ba2f754a440d
SHA512

c35e622bc4ce598e835e4b3800172604dd9d1e6232350889614ee796447a2f91e57e777527015dd64f265dd1e734421e32af19cde993670d303f158ecf40110f
SSDEEP

768:KCEXRoOXhLDByFxxreqvNuQaMGVjhYKoTPahmHHI+aF5tDtv9uTKLJm1:IRokYNuOGViriJv5guVm1

Score

N/A

Malware Config

Signatures

Files

805584f8d2bd80023c4d9e3741098d9cdf34733be8a8aceb1218ba2f754a440d
.exe windows x86

bd324b89afc8be9543deeb268fcf0eb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BaseUpdateAppcompatCache
RtlCaptureContext
DeleteTimerQueueEx
LoadLibraryA
ContinueDebugEvent
GetNamedPipeInfo
VirtualAlloc
IsDebuggerPresent
SetComputerNameExA
GetConsoleKeyboardLayoutNameA
GetFileTime
SetFileApisToANSI
FreeLibrary
GetNumaAvailableMemoryNode
EndUpdateResourceA
HeapSummary
ReadConsoleInputExA
RtlUnwind
FindFirstFileExW
FreeConsole
SystemTimeToFileTime
GetUserDefaultLCID
GlobalWire
FindActCtxSectionGuid
ReadProcessMemory
SetConsoleCtrlHandler
FindCloseChangeNotification
GetStartupInfoW
GetOverlappedResult
AreFileApisANSI

mapi32

LAUNCHWIZARD
GetTnefStreamCodepage
cmc_act_on
UFromSz@4
cmc_logon
OpenIMsgOnIStg@44
HrComposeEID@28
FBadPropTag@4
HrSetOmiProvidersFlagsInvalid
SwapPword@8
LaunchWizard@20
ScCopyProps@16
UNKOBJ_FreeRows@8
HrGetOneProp@12
cmc_send
MNLS_lstrcmpW@8
UNKOBJ_ScAllocate@12
FixMAPI
__CPPValidateParameters@8
UlFromSzHex@4
FBadRow@4
GetOutlookVersion
MAPIOpenFormMgr@8
EncodeID@12
OpenTnefStream@28
FtAddFt@16
HrThisThreadAdviseSink@8

gdi32

DdEntry21
GetEUDCTimeStamp
RemoveFontResourceExW
GetTextCharsetInfo
CreatePatternBrush
EudcUnloadLinkW
AddFontResourceExA
GdiPlayScript
EngDeletePath
EndPath
GdiGetLocalDC
bInitSystemAndFontsDirectoriesW
GetEnhMetaFilePixelFormat
CreateMetaFileA
GetCharWidthI
DdEntry8
CreateColorSpaceA
GetBrushOrgEx
ExtSelectClipRgn
GdiEntry7
OffsetClipRgn
DeviceCapabilitiesExW
STROBJ_dwGetCodePage
GetBitmapAttributes
GdiGradientFill
CreateFontIndirectA
CreateFontIndirectW
GetKerningPairsW
GdiPlayDCScript

msvcrt

_wspawnlpe
?_query_new_mode@@YAHXZ
__p__environ
_getdcwd
__p___argv
strncat
_wcsnicmp
_CIfmod
sin
__wgetmainargs
memset
?set_unexpected@@YAP6AXXZP6AXXZ@Z
log10
_popen
_initterm
localtime
ungetwc
_cwscanf
?what@exception@@UBEPBDXZ
__getmainargs
_execl
__p__commode
_getdrives
tanh
_CIatan2
_CIcos
strstr
wcscspn
_heapwalk
exit
_inpw
??0exception@@QAE@ABQBD@Z
__set_app_type
_setjmp
_abnormal_termination
_pclose

shimgvw

ImageView_PrintToW
ImageView_Fullscreen
ImageView_FullscreenA
ImageView_PrintToA
ImageView_FullscreenW
imageview_fullscreenW
ImageView_PrintTo

user32

DefWindowProcW
PostQuitMessage
RegisterClassW

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd324b89afc8be9543deeb268fcf0eb3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mapi32

gdi32

msvcrt

shimgvw

user32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 8KB