62ac692f8a696becae09b4833970c33f3f8fb9f1efa17735863f9365a5d89301

Sharing

Copy URL Twitter E-mail

General

Target

62ac692f8a696becae09b4833970c33f3f8fb9f1efa17735863f9365a5d89301
Size

47KB
MD5

78b91f8a80c343b28cc93a84e936659f
SHA1

d7b32aedc4ad5ce8aa14608e2bff08c0f9f02ca5
SHA256

62ac692f8a696becae09b4833970c33f3f8fb9f1efa17735863f9365a5d89301
SHA512

d27d9be4ee69ae8709fbc7aec8bd7e2be50ce0a3103d7029ddfb0d43693ba5f8d7cd38f7558e1f39afac6f25a7b1bdd1b17b30738cbe400fdf145ec5315b1654
SSDEEP

768:dyztXRT5wG8zBhriXb4yBNwY/CQGuoL3Q7WA77hN3S8bz2xPn1osBoS21zoZHUqS:yBT5wG8throUSNexrwiUQPOSoSWoVU

Score

N/A

Malware Config

Signatures

Files

62ac692f8a696becae09b4833970c33f3f8fb9f1efa17735863f9365a5d89301
.exe windows x86

b9901c7b5615fc936f708cfd4ef8867e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ufat

?Initialize@CLUSTER_CHAIN@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@PAVFAT_SA@@PBVFAT@@KK@Z
?QueryFileStartingCluster@FAT_SA@@QAEKPBVWSTRING@@PAVHMEM@@PAPAVFATDIR@@PAEPAVFAT_DIRENT@@@Z
?QueryLastWriteTime@FAT_DIRENT@@QBEEPAT_LARGE_INTEGER@@@Z
?QueryAllocatedClusters@FAT@@QBEKXZ
?Initialize@ROOTDIR@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@KJ@Z
?InitFATChkDirty@REAL_FAT_SA@@QAEEPAVLOG_IO_DP_DRIVE@@PAVMESSAGE@@@Z
?Initialize@FILEDIR@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@PAVFAT_SA@@PBVFAT@@K@Z
??0FAT_DIRENT@@QAE@XZ
?AllocChain@FAT@@QAEKKPAK@Z
??0FILEDIR@@QAE@XZ
ChkdskEx
Recover
?IsValidCreationTime@FAT_DIRENT@@QBEEXZ
?QueryCensusAndRelocate@FAT_SA@@QAEEPAU_CENSUS_REPORT@@PAVINTSTACK@@PAE@Z
??0CLUSTER_CHAIN@@QAE@XZ
?Index12@FAT@@ABEKK@Z
?QueryNthCluster@FAT@@QBEKKK@Z
??1FILEDIR@@UAE@XZ
??1ROOTDIR@@UAE@XZ

w32topl

ToplHeapIsElementOf
ToplVertexSetId
ToplEdgeGetWeight
ToplAddEdgeToGraph
ToplListSetIter
ToplGraphRemoveVertex
ToplEdgeDestroy
ToplHeapInsert
ToplEdgeInit
ToplEdgeGetToVertex
ToplGetAlwaysSchedule
ToplListCreate
ToplVertexGetId
ToplVertexGetInEdge
ToplVertexSetParent
ToplPScheduleValid
ToplIsToplException
ToplScheduleIsEqual
ToplVertexGetOutEdge
ToplIterCreate
ToplGraphDestroy
ToplHeapIsEmpty
ToplScheduleNumEntries

mapi32

LaunchWizard@20
EnableIdleRoutine@8
MAPIUninitialize
MAPIDeleteMail
FPropExists@8
BMAPIAddress
FBadEntryList@4
OpenTnefStream
SzFindCh@8
FGetComponentPath
ScMAPIXFromSMAPI
FtNegFt@8
RTFSync
MAPISendMail
OpenTnefStreamEx
HrValidateIPMSubtree@20
MAPIFreeBuffer
MNLS_lstrlenW@4
BMAPIGetAddress
OpenTnefStreamEx@32
MAPIDetails
MAPIOpenFormMgr@8
GetOutlookVersion@0
MAPIAddress
FBadPropTag@4
BMAPIGetReadMail
cmc_read
cmc_query_configuration
MNLS_WideCharToMultiByte@32

kernel32

GetCPInfoExA
VerLanguageNameW
LoadLibraryW
GetLocaleInfoA
IsProcessInJob
GetProcessAffinityMask
GetCurrentThread
SetCalendarInfoA
BaseCheckAppcompatCache
GetModuleHandleW
GetShortPathNameA
GetDateFormatA

rasapi32

RasEnumDevicesA
RasEnumAutodialAddressesA
RasScriptGetIpAddress
UnInitializeRAS
RasGetProjectionInfoA
DwEnumEntryDetails
RasEnumAutodialAddressesW
RasSetEntryPropertiesA
RasFreeEapUserIdentityA
RasInvokeEapUI
RasGetEapUserDataW
RasAutodialAddressToNetwork
RasSetEntryDialParamsW
RasDialA
RasDeleteSubEntryW
RasGetConnectionStatistics
RasSetEapUserDataA
RasGetErrorStringW
RasConnectionNotificationA
RasQuerySharedAutoDial
RasEnumDevicesW
RasGetErrorStringA
RasSetCustomAuthDataW
RasEnumConnectionsW
RasScriptReceive
RasAutodialEntryToNetwork
RasHangUpW
RasSetAutodialParamA
RasScriptTerm

scarddlg

SCardDlgExtendedError
SCardUIDlgSelectCardW
GetOpenCardNameA
SCardUIDlgSelectCardA
GetOpenCardNameW

sqlunirl

_CreatePropertySheetPage_@4
_FindWindow_@8
_SearchPath_@24
_CharUpperBuff_@8
_GlobalAddAtom_@4
newMultiByteFromWideChar
_MAKEINTRESOURCE@4
_BuildCommDCB_@8
_GetWindowTextLength@4
_SetUserObjectInformation_@16
_FindNextFile_@8
_GetVersionEx@4
_GetFileVersionInfoSize_@8
_PeekMessage@20
_SetCurrentDirectory_@4
_SHGetPathFromIDList_@8
_CreateColorSpace_@4

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9901c7b5615fc936f708cfd4ef8867e

Headers

DLL Characteristics

File Characteristics

Imports

ufat

w32topl

mapi32

kernel32

rasapi32

scarddlg

sqlunirl

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 7KB