712ed52be87f697c5e8fcc352334d29fbe9376ac59b3a5d885046add33dd9044

Sharing

Copy URL Twitter E-mail

General

Target

712ed52be87f697c5e8fcc352334d29fbe9376ac59b3a5d885046add33dd9044
Size

833KB
MD5

19f91a2c61c66b80b45970b6ebc65814
SHA1

10c426f6d648da00cb8cd91f082b2f5819ffb15d
SHA256

712ed52be87f697c5e8fcc352334d29fbe9376ac59b3a5d885046add33dd9044
SHA512

6583f888265a28b1247ae14d2fcdf71f36d6e327f1b44ada1974a7aba21bbfd061c330c3ad2ada2334e9f5ce3dc8387d3f3b5fcb460efa574385b7ad3d59f7b7
SSDEEP

24576:ITPMYDEj1LZ+Wh1P8ELSZKwFaL6VZzbGBwvdtq5eQHcnGh:QPMY+LZ+W3PBSZKVLs5A0dtq5dHUq

Score

N/A

Malware Config

Signatures

Files

712ed52be87f697c5e8fcc352334d29fbe9376ac59b3a5d885046add33dd9044
.exe windows x86

1037bb6cd462f11149c933503310aef1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glNormal3sv
glRecti
glGetMaterialfv
GlmfEndGlsBlock
glPushName
GlmfPlayGlsRecord
glPixelZoom
glDrawElements
glPolygonOffset
wglCreateContext
glIndexi
glDeleteLists
glMap1f
wglDeleteContext
glFeedbackBuffer
glTexParameteri
glTexCoord4iv
glGetMaterialiv
wglChoosePixelFormat
glVertex2d

mshtml

ShowHTMLDialog
ShowModalDialog
PrintHTML
CreateHTMLPropertyPage
MatchExactGetIDsOfNames
ShowHTMLDialogEx
DllGetClassObject
DllCanUnloadNow
RunHTMLApplication
DllEnumClassObjects
ShowModelessHTMLDialog

sqlwoa

_GetObject@12
_CreateDialogIndirectParam@20
_GetDlgItemText@16
_SendDlgItemMessage@20
_TranslateAccelerator@12
_GetProp@8
_TextOut@20
_CommDlg_OpenSave_GetFilePath@12
_PeekMessage@20
newMultiByteFromWideCharEx
_GetComputerName@8
_GetFileTitle@12
_PostMessage@16
_GetModuleFileName@12
_LoadCursor@8
_CallWindowProc@20
_GetVersionEx@4
_FindResource@12
_CommDlg_OpenSave_GetSpec@12
newWideCharFromMultiByte
_GetClassInfo@12

mapi32

FBadRglpszA@8
WrapCompressedRTFStream@12
cmc_act_on
DllGetClassObject
FtgRegisterIdleRoutine@20
MNLS_lstrcpyW@8
BMAPIAddress
FtSubFt@16
FPropExists@8
MAPISaveMail
GetTnefStreamCodepage
HrAddColumnsEx@20
CreateIProp@24
MAPIOpenLocalFormContainer
HrValidateParameters@8
MAPIDeleteMail
DeinitMapiUtil@0
OpenStreamOnFile
BMAPIGetReadMail
SzFindCh@8
FBadEntryList@4

kernel32

GetLocaleInfoW
InvalidateConsoleDIBits
OpenThread
GetConsoleAliasesLengthA
SetLastError
LockFileEx
EnumResourceNamesW
QueryDosDeviceA
GetModuleHandleW
SetStdHandle
LoadLibraryW
GetCurrentThread
GetCurrentActCtx
PeekConsoleInputA
SetClientTimeZoneInformation

msls31

LsFetchAppendToCurrentSublineResume
LsGetLineDur
LsGetHihLsimethods
LsForceBreakSubline
LssbGetVisibleDcpInSubline
LsdnFinishRegular
LsdnSubmitSublines
LssbGetNumberDnodesInSubline
LsFinishCurrentSubline
LsdnFinishRegularAddAdvancePen
LsQueryTextCellDetails
LssbFDonePresSubline
LsGetTatenakayokoLsimethods
LsQueryCpPpointSubline
LsAppendRunToCurrentSubline
LsLwMultDivR
LsdnFinishByPen
LsGetMinDurBreaks
LsdnFinishBySubline

wintrust

SoftpubDumpStructure
CryptCATPutCatAttrInfo
WintrustSetRegPolicyFlags
SoftpubDllRegisterServer
SoftpubFreeDefUsageCallData
DllRegisterServer
WTHelperGetProvPrivateDataFromChain
AddPersonalTrustDBPages
WTHelperGetProvSignerFromChain
WinVerifyTrustEx
SoftpubLoadDefUsageCallData
WTHelperProvDataFromStateData
SoftpubLoadMessage
SoftpubDllUnregisterServer
WVTAsn1SpcSpAgencyInfoDecode
OpenPersonalTrustDBDialog
CryptCATAdminReleaseContext
WintrustAddActionID
FindCertsByIssuer
WVTAsn1SpcFinancialCriteriaInfoDecode
WintrustGetRegPolicyFlags
TrustFreeDecode
CryptCATAdminAddCatalog
TrustOpenStores
WVTAsn1SpcSigInfoDecode
WVTAsn1SpcMinimalCriteriaInfoDecode
WVTAsn1SpcSpOpusInfoDecode
CryptCATEnumerateMember

Sections

.text
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1037bb6cd462f11149c933503310aef1

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

mshtml

sqlwoa

mapi32

kernel32

msls31

wintrust

Sections

.text Size: 365KB - Virtual size: 365KB

.rdata Size: 130KB - Virtual size: 130KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 177KB - Virtual size: 177KB

.reloc Size: 1024B - Virtual size: 844B

.text
Size: 365KB - Virtual size: 365KB

.rdata
Size: 130KB - Virtual size: 130KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 177KB - Virtual size: 177KB

.reloc
Size: 1024B - Virtual size: 844B