83656026a176744214744df089cb952548ec5de7f0a375f38b2b2721cf8fe2e0

Sharing

Copy URL Twitter E-mail

General

Target

83656026a176744214744df089cb952548ec5de7f0a375f38b2b2721cf8fe2e0
Size

262KB
MD5

4b58bb717eedb4d7f910298352860051
SHA1

c341dda3c760289bb758701226c659031e78e331
SHA256

83656026a176744214744df089cb952548ec5de7f0a375f38b2b2721cf8fe2e0
SHA512

2903aa7c759fcf2fa98112f11a8af86b2a140c457e6573a5fffeb692d9e76e4f3571c4f64f60e311cd68842ab9993e74bd912b7da53349e9ddfd6eb54d5c092b
SSDEEP

6144:DFfUrgbDgxk3496SFgyVuSvfFDvIRmFbLoDG:BK6Vmj9vjKK

Score

N/A

Malware Config

Signatures

Files

83656026a176744214744df089cb952548ec5de7f0a375f38b2b2721cf8fe2e0
.exe windows x86

bcd0277e44d992f8ad2f5de48e187f4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mapi32

MAPIDetails
FBadColumnSet@4
SwapPlong@8
IsBadBoundedStringPtr@8
MAPILogoff
MAPIInitialize@4
HrEntryIDFromSz@12
SzFindCh@8
MAPIFreeBuffer
ScMAPIXFromCMC
UFromSz@4
FGetComponentPath
UNKOBJ_ScAllocateMore@16
UNKOBJ_ScCOAllocate@12
MAPIAddress
HrComposeMsgID@24
HrAddColumnsEx@20
GetTnefStreamCodepage
HrGetOmiProvidersFlags
MAPILogonEx
ScCopyProps@16
MAPIFreeBuffer@4
HrSetOmiProvidersFlagsInvalid
ScMAPIXFromSMAPI
ScRelocProps@20
MAPIAllocateMore@12

untfs

?Read@NTFS_SA@@UAEEXZ
?Initialize@NTFS_CLUSTER_RUN@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@VBIG_INT@@KK@Z
?AddFileNameAttribute@NTFS_FILE_RECORD_SEGMENT@@QAEEPAU_FILE_NAME@@@Z
FormatEx
??0NTFS_FILE_RECORD_SEGMENT@@QAE@XZ
?QueryAttributeList@NTFS_FRS_STRUCTURE@@QAEEPAVNTFS_ATTRIBUTE_LIST@@@Z
?Initialize@NTFS_MFT_INFO@@QAEEXZ
?QueryLcnFromVcn@NTFS_EXTENT_LIST@@QBEEVBIG_INT@@PAV2@1@Z
?Read@NTFS_MFT_FILE@@UAEEXZ
??1NTFS_FILE_RECORD_SEGMENT@@UAE@XZ
?CompareFileName@NTFS_MFT_INFO@@SGEPAXKPAU_FILE_NAME@@PAG@Z
??0NTFS_LOG_FILE@@QAE@XZ

kernel32

GetPrivateProfileStringW
OpenProcess
FatalAppExitW
GetConsoleAliasExesLengthA
IsBadWritePtr
QueryDosDeviceW
ActivateActCtx
lstrcmpA
LoadLibraryW
GetOEMCP
RemoveDirectoryW
HeapCreate
TermsrvAppInstallMode
FlushConsoleInputBuffer
FillConsoleOutputCharacterW
GetTickCount

cfgmgr32

CM_Find_Range
CM_Free_Log_Conf
CM_Connect_MachineW
CM_Register_Device_InterfaceA
CM_Get_Device_ID_ListW
CM_Add_Res_Des
CM_Query_Arbitrator_Free_Size
CM_Get_Device_Interface_List_SizeA

user32

SetWindowPlacement
GetDoubleClickTime
GetCursorFrameInfo
VkKeyScanW
GetMenu
UnregisterClassW
GetWindowWord
SetSysColors
DrawTextExA
GetDlgItem
RegisterTasklist
SubtractRect
GetMonitorInfoA
MessageBoxExA
SetForegroundWindow
MonitorFromWindow
DdeCreateStringHandleA
OpenWindowStationA
SetDlgItemTextA
User32InitializeImmEntryTable
PrivateExtractIconExW
WINNLSGetIMEHotkey
GetTabbedTextExtentW
IMPQueryIMEA
ExitWindowsEx
wvsprintfA
PeekMessageA
DdeAddData
IsZoomed

msvcrt

_read
_mbcjistojms
_j1
_getdcwd
__p__mbcasemap
__CxxUnregisterExceptionObject
_sys_nerr
labs
_kbhit
_setjmp
_set_error_mode
time
_sys_errlist
acos
__getmainargs
mktime
_chdrive
_mbsnbcmp
exit
putc
wcscat
_mkdir
_mbsset
__p__commode
_futime64
_strrev
_CIsqrt
__set_app_type

pdh

PdhOpenQueryH
PdhMakeCounterPathA
PdhEnumLogSetNamesA
PdhCollectQueryDataEx
PdhVbAddCounter
PdhBrowseCountersHW
PdhCreateSQLTablesA
PdhGetFormattedCounterArrayA
PdhExpandWildCardPathW
PdhTranslateLocaleCounterW
PdhGetLogSetGUID

Sections

.text
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcd0277e44d992f8ad2f5de48e187f4a

Headers

File Characteristics

Imports

mapi32

untfs

kernel32

cfgmgr32

user32

msvcrt

pdh

Sections

.text Size: 163KB - Virtual size: 162KB

.rdata Size: 77KB - Virtual size: 76KB

.data Size: 11KB - Virtual size: 107KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 163KB - Virtual size: 162KB

.rdata
Size: 77KB - Virtual size: 76KB

.data
Size: 11KB - Virtual size: 107KB

.rsrc
Size: 9KB - Virtual size: 8KB