7c0ffb4f2a04ceec06889fa9fdc451f2dfcc73dc0a4f77893da34027907ea856

Sharing

Copy URL Twitter E-mail

General

Target

7c0ffb4f2a04ceec06889fa9fdc451f2dfcc73dc0a4f77893da34027907ea856
Size

825KB
MD5

e9432a94337b693360d822b4337d75be
SHA1

38613f07701f39a9883fa20c04b1c85548b5ef01
SHA256

7c0ffb4f2a04ceec06889fa9fdc451f2dfcc73dc0a4f77893da34027907ea856
SHA512

0c99f2a350237c3df8f614523d24c45c8069f57b9dcdd7fa05b6125348347d7797fec7c7e4be1c51841868f934eeb2e0c6d1083f46d09510847388ad9fdd212d
SSDEEP

24576:XhipWuBWOk3mrApn77lXiLny8mHE+xs96m:XhR3min7RyLny8b+W7

Score

N/A

Malware Config

Signatures

Files

7c0ffb4f2a04ceec06889fa9fdc451f2dfcc73dc0a4f77893da34027907ea856
.exe windows x86

80f003a934ac313712061411c600ced7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_heapwalk
??_7__non_rtti_object@@6B@
_Getdays
_wfindnext64
__p__commode
__set_app_type
_CIfmod
?before@type_info@@QBEHABV1@@Z
strncmp
__p__pwctype
___unguarded_readlc_active_add_func
sinh
_mbsnbcoll
_mbscmp
__getmainargs
exit
_fileinfo

msorcl32

SQLExecute
ConfigDSN
SQLSetConnectOption
SQLFetch
SQLParamData
SQLProcedureColumns
SQLError

kernel32

SetFileApisToANSI
LZInit
GetCalendarInfoW
Heap32Next
GetOEMCP
RestoreLastError
GetConsoleAliasesA
GetExitCodeThread
GetConsoleAliasExesA
DeleteTimerQueue
GetLastError
QueryPerformanceCounter
GetLocaleInfoW
GetCurrentThread
ReleaseActCtx
RequestDeviceWakeup
GetGeoInfoA
CancelTimerQueueTimer
GetEnvironmentStrings
LoadLibraryW
FindFirstVolumeA
GetConsoleCommandHistoryLengthW
CreateMutexA
GetModuleHandleW
DebugActiveProcess
SetTapePosition
GetSystemTime
FreeLibraryAndExitThread
LocalFileTimeToFileTime
GetFileAttributesW
GetComputerNameW
TransactNamedPipe
PrivCopyFileExW
GetExitCodeProcess

certcli

CASetCertTypeFlags
DllUnregisterServer
CAEnumCertTypesEx
DllCanUnloadNow
CAIsCertTypeCurrent
CAOIDDelete
CAGetDN
CAGetCertTypeFlagsEx
CACreateNewCA
CAEnumCertTypesForCAEx
CAEnumNextCA
CACloseCertType
CAOIDGetLdapURL
CAGetCertTypeExtensionsEx
CAEnumCertTypes
CAGetCertTypeExtensions
CACertTypeQuery
CADeleteLocalAutoEnrollmentObject
CASetCertTypeExpiration
CARemoveCACertificateType
CASetCAProperty
CAOIDCreateNew
CAFreeCertTypeProperty
DllGetClassObject
CACountCertTypes
CAGetCertTypeKeySpec
CASetCAFlags
CAOIDFreeProperty
CASetCertTypeKeySpec

mapistub

WrapProgress@20
HrAllocAdviseSink@12
LpValFindProp@12
MAPIReadMail
MAPIInitIdle@4
ScGenerateMuid@4
MNLS_lstrcmpW@8
UFromSz@4
UNKOBJ_COFree@8
FBadColumnSet@4
BMAPIAddress
GetTnefStreamCodepage@12
UNKOBJ_ScSzFromIdsAlloc@20
MAPILogonEx
GetTnefStreamCodepage
SwapPlong@8
SzFindCh@8
MAPISendMail

unimdmat

UmHangupModem
UmGenerateDigit
UmInitializeModemDriver
UmOpenModem
UmDeinitializeModemDriver
UmSetPassthroughMode
UmDialModem
UmAnswerModem
UmLogDiagnostics
UmSetSpeakerPhoneState
UmMonitorModem
UmAbortCurrentModemCommand
UmDuplicateDeviceHandle
UmWaveAction
UmInitModem
UmGetDiagnostics
UmIssueCommand
UmLogStringA
UmCloseModem

user32

EndDialog

Sections

.text
Size: 374KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80f003a934ac313712061411c600ced7

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

msorcl32

kernel32

certcli

mapistub

unimdmat

user32

Sections

.text Size: 374KB - Virtual size: 374KB

.rdata Size: 90KB - Virtual size: 90KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 200KB - Virtual size: 200KB

.reloc Size: 1024B - Virtual size: 852B

.text
Size: 374KB - Virtual size: 374KB

.rdata
Size: 90KB - Virtual size: 90KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 200KB - Virtual size: 200KB

.reloc
Size: 1024B - Virtual size: 852B