b2f531f5d70c22669bdbd6f17dfc33a6f2ff06b058e90840ffc09493df876ddd

Sharing

Copy URL Twitter E-mail

General

Target

b2f531f5d70c22669bdbd6f17dfc33a6f2ff06b058e90840ffc09493df876ddd
Size

156KB
MD5

45f0fb4961f11fb6512104d63e9b6b70
SHA1

5fcc44a7ba91c25fb4cf350626e1057a2e2bec95
SHA256

b2f531f5d70c22669bdbd6f17dfc33a6f2ff06b058e90840ffc09493df876ddd
SHA512

2c31f72925f324a7c8748900c540a1e689648601df59c645942e86048d5deaaa0770fc1db0d33f015414297284c40515149e7bd990537008d0b16a6b0fdf98ad
SSDEEP

3072:q18W07h033lAoFHMIvNOafys1BegWSnpGlCxxPz4X2DISviQ:aBgaHlxFP0afj/qHIoGpi

Score

N/A

Malware Config

Signatures

Files

b2f531f5d70c22669bdbd6f17dfc33a6f2ff06b058e90840ffc09493df876ddd
.exe windows x86

2daf144a54efbfe48176ccaccf3a75c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt40

??1filebuf@@UAE@XZ
?seekg@istream@@QAEAAV1@J@Z
?tellp@ostream@@QAEJXZ
strcpy
_ismbbalnum
_mtunlock
_putw
clearerr
??0ofstream@@QAE@H@Z
_ctype
_setmbcp
??4ifstream@@QAEAAV0@ABV0@@Z
??4filebuf@@QAEAAV0@ABV0@@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
gmtime
putchar
??4istrstream@@QAEAAV0@ABV0@@Z
_pgmptr
_waccess
_wsearchenv
??8type_info@@QBEHABV0@@Z
__p___argc
??1Iostream_init@@QAE@XZ
_wunlink
_mbscoll
wcscoll
_umask
?gptr@streambuf@@IBEPADXZ
_fputwchar
iswalpha
fgetwc
_wexeclpe
sin
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z

avifil32

IID_IAVIStream
AVIStreamAddRef
EditStreamSetInfoA
EditStreamCopy
AVIStreamStart
AVIStreamWrite
AVIFileEndRecord
AVIFileOpenA
AVIStreamBeginStreaming
AVIStreamLength
AVIPutFileOnClipboard
EditStreamSetInfo
AVIStreamWriteData
AVIFileInfoA
AVIMakeStreamFromClipboard
EditStreamPaste
EditStreamSetName
AVIGetFromClipboard
AVIStreamGetFrame
AVIFileInit
AVIStreamFindSample
AVIFileOpen
AVIStreamTimeToSample
AVIStreamSampleToTime
AVIStreamInfoW
AVIStreamEndStreaming
AVISaveOptionsFree
AVIFileGetStream
AVISaveOptions
AVIFileExit
AVISave
AVISaveVA
AVIBuildFilterW
AVIStreamOpenFromFileA

mapi32

IsBadBoundedStringPtr@8
HrGetOmiProvidersFlags@8
cmc_act_on
MAPILogonEx
MAPIDeleteMail
HrEntryIDFromSz@12
ScCreateConversationIndex@16
MAPIUninitialize@0
FPropCompareProp@12
FreeProws@4
MAPIFreeBuffer
ScRelocNotifications@20
FBadRow@4
SzFindLastCh@8
OpenTnefStream@28
UNKOBJ_ScCOAllocate@12
OpenIMsgSession@12
CbOfEncoded@4
GetOutlookVersion@0
ScGenerateMuid@4
WrapCompressedRTFStream@12
MAPIAddress
OpenStreamOnFile@24
MAPIOpenFormMgr@8
MNLS_lstrlenW@4
HrDispatchNotifications@4
cmc_free
SetAttribIMsgOnIStg@16
MAPIUninitialize
CloseIMsgSession@4
MAPIReadMail
PpropFindProp@12
MAPIOpenLocalFormContainer
MAPIOpenFormMgr
OpenStreamOnFile
MAPIDeinitIdle@0
cmc_list
MAPISendDocuments
CreateTable@36
InstallFilterHook@4
ScMAPIXFromSMAPI

ole32

OleDraw
CoSwitchCallContext
StgIsStorageILockBytes
CoInitializeWOW
CoPushServiceDomain
SNB_UserUnmarshal
HICON_UserSize
OleBuildVersion
StringFromIID
StgSetTimes
OleSetMenuDescriptor
HWND_UserSize
HDC_UserMarshal
CoReactivateObject
StgPropertyLengthAsVariant
GetDocumentBitStg
CoGetInterceptor
StgCreatePropSetStg
CLIPFORMAT_UserUnmarshal
HDC_UserFree
OleDestroyMenuDescriptor
CoCreateFreeThreadedMarshaler
CreateBindCtx
OleUninitialize
DcomChannelSetHResult
CoAddRefServerProcess
IsAccelerator
CoQueryProxyBlanket
CoUnmarshalHresult

kernel32

SetCommMask
EnumCalendarInfoA
VirtualAlloc
FindNextVolumeMountPointA
LoadLibraryA
SearchPathW
OpenEventW
GlobalAlloc
SwitchToThread
LocalReAlloc
EnumResourceNamesW
WritePrivateProfileStructW
GetVolumeInformationA
GetModuleHandleA
GetVDMCurrentDirectories
GetLastError
Thread32Next
RaiseException
GetConsoleScreenBufferInfo
RegisterConsoleOS2
IsBadWritePtr
GetDiskFreeSpaceW
LoadModule
GetComputerNameExA
GetExitCodeThread
FindResourceA
CreateTimerQueueTimer
GetCurrentThread
PrivMoveFileIdentityW
WriteConsoleOutputCharacterW
OpenFile
GetProfileSectionW
GetUserDefaultLCID
ReplaceFile
ReplaceFileW
SetConsoleLocalEUDC
CloseProfileUserMapping
GetConsoleFontSize
AllocConsole
QueryDosDeviceW

msvcrt

_acmdln
_aligned_offset_malloc
ungetc
_snwprintf
rewind
_strtoui64
_vsnprintf
__lc_collate_cp
_rotl
_spawnve
strtok
_itow
wcstoul
_strnset
__crtGetLocaleInfoW
_atoi64
putchar
_strtime
_cwscanf
__iscsym
getenv
islower
pow
_wenviron
_heapset
_amsg_exit
_mbctombb
_strupr
_seterrormode
_tell
__crtCompareStringW

user32

CharPrevA
PackDDElParam
DdeCmpStringHandles
HiliteMenuItem
PtInRect
CharLowerBuffW
WaitMessage
SetThreadDesktop
DdeQueryStringW
CloseClipboard
TranslateAccelerator
LoadMenuIndirectW
MsgWaitForMultipleObjectsEx
GetWindowModuleFileNameA
GetParent
MonitorFromRect
SendMessageA
CreateDialogParamW
SetMenuItemInfoA
OpenInputDesktop
KillTimer
GetTabbedTextExtentA
ClientToScreen
SetWindowsHookExW
SubtractRect
CharToOemBuffW
EnableScrollBar
SetDlgItemTextW
DlgDirSelectExA
GetWinStationInfo
IsHungAppWindow
GetWindowLongW
ChangeDisplaySettingsW
GetKeyboardLayoutNameW
SetClipboardViewer
GetSystemMetrics
EndDialog
GetMenuItemRect
UnlockWindowStation
SetInternalWindowPos
MsgWaitForMultipleObjects
EnumWindowStationsA
OffsetRect
CloseDesktop
GetKeyNameTextA

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2daf144a54efbfe48176ccaccf3a75c0

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt40

avifil32

mapi32

ole32

kernel32

msvcrt

user32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 79KB - Virtual size: 159KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 824B

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 79KB - Virtual size: 159KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 824B