87888e080e2a8e03ce11989a18fedb62a03efc6032e9b9af6e257dd984457a62

Sharing

Copy URL Twitter E-mail

General

Target

87888e080e2a8e03ce11989a18fedb62a03efc6032e9b9af6e257dd984457a62
Size

72KB
MD5

39c15d13c409070cb6b8f2a1eeb4f0d4
SHA1

d030a3e4d10f2c824582081f41ba6f44cfc42e85
SHA256

87888e080e2a8e03ce11989a18fedb62a03efc6032e9b9af6e257dd984457a62
SHA512

e4e63b80a4b36b72f51e73ee4e1f9f8cf8b8225026173b6c17f5ed692a35365c9d7bc914987289a0b62683335c9f4d57cee6802d753fee488eb898e75bc71c92
SSDEEP

1536:7zlrYdCNtTwNX+DNuzmeakmyT2s9ef1HxcwEbluwnbA1I:X1YdCPwNwYiZDyKs9wchuwnGI

Score

N/A

Malware Config

Signatures

Files

87888e080e2a8e03ce11989a18fedb62a03efc6032e9b9af6e257dd984457a62
.exe windows x86

fb98033ed6a2b0230adb5d7a885fb22e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadDirectoryChangesW
TransactNamedPipe
VirtualAlloc
CreateNamedPipeW
MoveFileExA
GetSystemTime
BuildCommDCBW
ExitProcess
GetEnvironmentStringsW
GetLocaleInfoW
GetPrivateProfileIntW
GetVolumeNameForVolumeMountPointW
CancelIo
CreateDirectoryA
UTUnRegister
FileTimeToLocalFileTime
LoadLibraryA
GetComputerNameA
GetDefaultCommConfigW
DebugBreak
GlobalFindAtomA

crtdll

system
scanf
ftell
_mbsncmp
_ismbcupper
srand
clock
_clearfp
sin
_setjmp
_strcmpi
_iob
_mbsdec
_isatty
_findfirst
_abnormal_termination
_CIcosh
ungetwc
_mbsnbcat
tan
_CIfmod
_ismbcl2

mapistub

BMAPISendMail
LPropCompareProp@8
ScRelocProps@20
cmc_look_up
ScMAPIXFromCMC
GetOutlookVersion@0
HrSetOmiProvidersFlagsInvalid@4
BMAPIResolveName
SzFindSz@8
ScCountNotifications@12
OpenTnefStreamEx@32
FtNegFt@8
HrThisThreadAdviseSink@8
MAPIAllocateMore@12
FDecodeID@12

sqlunirl

_EnumWindowStations_@8
_NDdeGetTrustedShare_@20
_RegOpenKey_@12
_CreateIC_@16
_ObjectCloseAuditAlarm_@12
ConvertMultiSZNameToW
_LookupAccountSid_@28
_PrivilegedServiceAuditAlarm_@20
_CharToOemBuff_@12
AbortSystemShutdown_
_wvsprintf_@12
_EnumDependentServices_@24
_GetLocaleInfo_@16
_FatalAppExit_@8
_CommDlg_OpenSave_GetSpec@12
_RegReplaceKey_@16
_GetLogColorSpace_@12
_GetDiskFreeSpace_@20
_LoadLibraryEx_@12
_SetClassLong_@12
_GetFileTitle@12

msdart

??1CLKRLinearHashTable@@QAE@XZ
?_LockSpin@CReaderWriterLock3@@AAEXW4SPIN_TYPE@1@@Z
?MaxSize@CLKRLinearHashTable@@QBEKXZ
?SetBucketLockSpinCount@CLKRLinearHashTable@@QAEXG@Z
MpHeapValidate
?GetSpinCount@CSpinLock@@QBEGXZ
?ConvertExclusiveToShared@CFakeLock@@QAEXXZ
?ConvertExclusiveToShared@CLKRHashTable@@QBEXXZ
?GetSpinCount@CFakeLock@@QBEGXZ
?TryWriteLock@CReaderWriterLock2@@QAE_NXZ
?_TryReadLock@CReaderWriterLock2@@AAE_NXZ
?IsUsable@CLKRHashTable@@QBE_NXZ
?FindRecord@CLKRLinearHashTable@@QBE?AW4LK_RETCODE@@PBX@Z
?GetSpinCount@CReaderWriterLock3@@QBEGXZ
?SetDefaultSpinAdjustmentFactor@CReaderWriterLock@@SGXN@Z
IrtlTrace
??4CSmallSpinLock@@QAEAAV0@ABV0@@Z
MpHeapFree
??0CCritSec@@QAE@XZ

mapi32

BMAPIGetAddress
FtSubFt@16
IsBadBoundedStringPtr@8
HrAllocAdviseSink@12
FBadRglpszA@8
SwapPword@8
EnableIdleRoutine@8
ScMAPIXFromSMAPI
OpenTnefStream@28
UlAddRef@4
MNLS_WideCharToMultiByte@32
GetAttribIMsgOnIStg@12
MAPILogon
OpenTnefStreamEx
cmc_free
LAUNCHWIZARD
UNKOBJ_ScCOAllocate@12
UNKOBJ_FreeRows@8
ScRelocProps@20
HrThisThreadAdviseSink@8
HrDecomposeMsgID@24
CbOfEncoded@4

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb98033ed6a2b0230adb5d7a885fb22e

Headers

File Characteristics

Imports

kernel32

crtdll

mapistub

sqlunirl

msdart

mapi32

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1KB - Virtual size: 154KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 154KB

.rsrc
Size: 1KB - Virtual size: 1KB