a98a6dffaf68d975922e302da6f7c13ddf24bf847503673a8c66380877dc8a3b

Sharing

Copy URL Twitter E-mail

General

Target

a98a6dffaf68d975922e302da6f7c13ddf24bf847503673a8c66380877dc8a3b
Size

848KB
MD5

397eb1d218c30365fb47b7f1b6918dd1
SHA1

58184f1fd624b1fbce20cead909a76e1825c8028
SHA256

a98a6dffaf68d975922e302da6f7c13ddf24bf847503673a8c66380877dc8a3b
SHA512

dc66930d6d0873439d7d4dd86b000497bf28b2e66fef53576cdfa081bd217db6f4518125a31bb2241659af747f1b9437f4c73b3fa75d6da10d79f11175eb8013
SSDEEP

24576:tUMO51Fc22wCHogfoU2DPdaa0H3n9s8ATwe/FnQ:tUMO51FDfCIgQfPKXe7tnQ

Score

N/A

Malware Config

Signatures

Files

a98a6dffaf68d975922e302da6f7c13ddf24bf847503673a8c66380877dc8a3b
.exe windows x86

1067d57991ae1d1d32b367beacee9e92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CancelIo
FoldStringA
GetConsoleCharType
ReplaceFileW
GlobalFlags
RemoveDirectoryA
Process32FirstW
_hwrite
GlobalFree
DeleteFileW
SetConsolePalette
SetProcessShutdownParameters
ReadConsoleInputA
QueryDosDeviceW
GetConsoleFontInfo
GetStringTypeA
GetProcessTimes
FreeConsole
FatalAppExitA
GetBinaryTypeW
ContinueDebugEvent
GetTickCount
SetSystemTimeAdjustment
GetProcessHeap
EnumDateFormatsA
DeleteAtom
GetTapeStatus
GetThreadLocale
GetStartupInfoA
EnumResourceLanguagesW
VirtualQuery
FindNextChangeNotification
SetHandleContext
WriteProfileSectionA
PeekConsoleInputA
GetLocaleInfoA
GetCurrentThread
SetProcessPriorityBoost
EnumSystemCodePagesA
SetFileTime
LoadLibraryW
CreateSocketHandle

mapi32

HrGetOneProp@12
HrComposeMsgID@24
cmc_act_on
BMAPIResolveName
HrEntryIDFromSz@12
WrapCompressedRTFStream
BMAPIAddress
FBadRowSet@4
BMAPISendMail
UNKOBJ_ScCOAllocate@12
MAPIAddress
EnableIdleRoutine@8
FBadProp@4
ChangeIdleRoutine@28
MAPIOpenLocalFormContainer@4
SetAttribIMsgOnIStg@16
HrThisThreadAdviseSink@8
MAPIOpenFormMgr@8
MAPIReadMail
MAPIDeinitIdle@0
DllGetClassObject

crtdll

strcpy
_ecvt
_ismbcsymbol
_ismbclegal
wprintf
_flushall
asin
_assert
_gcvt
_ismbcspace
_mbsnextc
wctomb
_strninc
raise
_beginthread
_cgets
_makepath
_vsnwprintf
_execvp
_fgetwchar
_mbbtombc
_mbsncpy

ws2_32

WSAAddressToStringW
getsockopt
inet_addr
WSACancelBlockingCall
WSAEnumNetworkEvents
WSASend
WSACleanup
WSASetServiceW
WSANtohs
WSAJoinLeaf
WSADuplicateSocketA
WSAResetEvent
WSANSPIoctl
WSCEnumProtocols
gethostbyname
WSALookupServiceNextW
WSAHtonl
WSACancelAsyncRequest
WSAGetQOSByName
WSAEventSelect
WSASendTo
WSAAccept
recv
WSAProviderConfigChange
WSASetBlockingHook
WSAAsyncGetHostByAddr
getpeername
WSAAsyncGetProtoByName
WSACloseEvent
htonl

wldap32

ldap_modify_sA
ldap_parse_extended_resultW
ldap_dn2ufn
ldap_sasl_bind_sA
LdapMapErrorToWin32
ldap_escape_filter_element
ldap_get_values_len
ldap_search_ext_sA
ldap_add_sA
ldap_rename_ext
ldap_count_values
ldap_get_option
ber_bvfree
ldap_count_values_len
ldap_delete_sW
ldap_addA
cldap_open
ber_bvdup
ber_init
ldap_unbind
ldap_parse_referenceA

oleaut32

SafeArrayDestroyData
VarUI4FromStr
VarI8FromDec
OACreateTypeLib2
VarI1FromI4
VarBoolFromI4
LPSAFEARRAY_Size
DllRegisterServer
VarAbs
CreateTypeLib2
VarBstrFromI2
VarAdd
VarI8FromR8
VarBoolFromI1

Sections

.text
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1067d57991ae1d1d32b367beacee9e92

Headers

File Characteristics

Imports

kernel32

mapi32

crtdll

ws2_32

wldap32

oleaut32

Sections

.text Size: 362KB - Virtual size: 362KB

.rdata Size: 106KB - Virtual size: 106KB

.data Size: 173KB - Virtual size: 1.6MB

.rsrc Size: 177KB - Virtual size: 177KB

.reloc Size: 27KB - Virtual size: 29KB

.text
Size: 362KB - Virtual size: 362KB

.rdata
Size: 106KB - Virtual size: 106KB

.data
Size: 173KB - Virtual size: 1.6MB

.rsrc
Size: 177KB - Virtual size: 177KB

.reloc
Size: 27KB - Virtual size: 29KB