7be7f3abe70fd58b965c5ea968504efc2b91876cb00dfb62eea3a0292f6f29a8

Sharing

Copy URL

Twitter E-mail

General

Target

7be7f3abe70fd58b965c5ea968504efc2b91876cb00dfb62eea3a0292f6f29a8
Size

828KB
MD5

69278d68d64ad7d86e3ff227362f0c90
SHA1

1f307551da405e30f4756151824bda7053d74a21
SHA256

7be7f3abe70fd58b965c5ea968504efc2b91876cb00dfb62eea3a0292f6f29a8
SHA512

49d24c6dc8858e9dab00cae6342f458cdd9fa8b1bf86c5a7aeac93188c5fc964f082a19108bae48628261f602d4ee1feba6fc4d3a1565f10ee8824b4f97f1f23
SSDEEP

24576:y4p0hj9o7fR8w/FSgtggp/UMPKSI6ldw25YfG+wBJpsfeCg:ij2bew/FSCgkXOhwBsLg

Score

N/A

Malware Config

Signatures

Files

7be7f3abe70fd58b965c5ea968504efc2b91876cb00dfb62eea3a0292f6f29a8
.exe windows x86

16b42dad521bc8b4c6467749645bce42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mapistub

ScRelocProps@20
LAUNCHWIZARD
UlFromSzHex@4
FtMulDwDw@8
OpenStreamOnFile@24
HrSetOmiProvidersFlagsInvalid
FEqualNames@8
FDecodeID@12
MAPIOpenLocalFormContainer
FBadPropTag@4
MAPIUninitialize
MAPIGetDefaultMalloc@0
EncodeID@12
LaunchWizard@20
MNLS_MultiByteToWideChar@24
HrGetOmiProvidersFlags
MAPIDeinitIdle@0
HrGetOmiProvidersFlags@8
MAPILogoff
MAPIInitialize@4
BMAPISaveMail
BMAPIGetAddress
FtMulDw@12
MAPIAddress
HrQueryAllRows@24

olesvr32

OleRegisterServer
ItemCallBack
OleRegisterServerDoc
EnumForTerminate
OleQueryServerVersion
OleRevokeServerDoc
FindItemWnd
DocWndProc
DeleteClientInfo
OleBlockServer
SrvrWndProc
SendRenameMsg
TerminateClients
OleSavedServerDoc
WEP
OleRevertServerDoc
TerminateDocClients
SendDataMsg

kernel32

SearchPathA
GetFileType
GetTempFileNameA
VDMConsoleOperation
BackupSeek
UnlockFileEx
GetModuleHandleW
LoadLibraryW
GetLocaleInfoA
SetComputerNameW
ReadConsoleOutputAttribute
FindNextChangeNotification
GetCurrentThread
ResumeThread
LeaveCriticalSection
EscapeCommFunction

wmi

WmiFileHandleToInstanceNameW
TraceEvent
RemoveTraceCallback
ProcessTrace
WmiSetSingleItemA
CloseTrace
WmiQueryGuidInformation
SetTraceCallback
GetTraceEnableLevel

user32

DialogBoxParamA
MessageBoxTimeoutA
FlashWindowEx
DialogBoxIndirectParamAorW
GetAncestor
GetKBCodePage
CreateDialogIndirectParamA
IMPQueryIMEW
DestroyCaret
ShowOwnedPopups
DdeImpersonateClient
SetWindowLongW
SetProcessDefaultLayout
AdjustWindowRectEx

ws2_32

WSAStartup
gethostbyname
inet_addr
WSAGetLastError
WSCDeinstallProvider
WSAIoctl
WSAEnumNameSpaceProvidersA
WSAGetServiceClassInfoA

msutb

ClosePopupTipbar

Sections

.text
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16b42dad521bc8b4c6467749645bce42

Headers

DLL Characteristics

File Characteristics

Imports

mapistub

olesvr32

kernel32

wmi

user32

ws2_32

msutb

Sections

.text Size: 366KB - Virtual size: 366KB

.rdata Size: 121KB - Virtual size: 120KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 181KB - Virtual size: 181KB

.reloc Size: 1024B - Virtual size: 792B

.text
Size: 366KB - Virtual size: 366KB

.rdata
Size: 121KB - Virtual size: 120KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 181KB - Virtual size: 181KB

.reloc
Size: 1024B - Virtual size: 792B