79d78c0deceb3ffe3652b0e7e02f7547842b20dbf333a4f2c7dccc61afe27444

Sharing

Copy URL Twitter E-mail

General

Target

79d78c0deceb3ffe3652b0e7e02f7547842b20dbf333a4f2c7dccc61afe27444
Size

832KB
MD5

83a80bdec94205fbfcdb6cf8907cb71a
SHA1

a563124a3d21654773d68d25bd6aafdd015e2b86
SHA256

79d78c0deceb3ffe3652b0e7e02f7547842b20dbf333a4f2c7dccc61afe27444
SHA512

381ec6c542b0ac53e73554efb3f5baf85ba368df4611b6e1eb72cd11693667407ac0095c6e5205d8d303ab8a9ae872f2b914ef9cd1c628d437a4292c7b7dee20
SSDEEP

24576:jVfOhcN8Z8HT88qEypWKWD16OMgsWwVxDYZVMkrSQbK:JfOKN8izxqEy0KJOMgFEsVzW

Score

N/A

Malware Config

Signatures

Files

79d78c0deceb3ffe3652b0e7e02f7547842b20dbf333a4f2c7dccc61afe27444
.exe windows x86

f687d7aafddf1fe57e761f28e0816c5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateActCtxA
OpenEventA
GetConsoleFontSize
SetFileTime
VirtualAlloc
FlushConsoleInputBuffer
EnumSystemLocalesA
InitAtomTable
EnumUILanguagesW
HeapAlloc
ExitProcess
CreateJobObjectW
QueryPerformanceCounter
LoadLibraryA
GetSystemTimeAsFileTime
SetThreadContext
FindActCtxSectionStringA
GetModuleHandleA
WritePrivateProfileSectionA
Module32Next
CreateTimerQueue
SetEndOfFile
ZombifyActCtx
WritePrivateProfileStructW
RemoveDirectoryW
GetSystemDefaultLCID
_lopen
SetConsoleMaximumWindowSize
EnumSystemGeoID
FindResourceExA
SetFilePointer
GetConsoleCursorInfo

duser

GetStdColorBrushI
DUserRegisterGuts
GetStdColorName
BuildDropTarget
DUserRegisterSuper
GetStdColorPenF
DUserCastDirect
DUserSendMethod
GetGadgetRootInfo
GetGadgetTicket
AutoTrace
AddGadgetMessageHandler
SetGadgetParent
SetGadgetProperty
GetGadgetSize
GetGadgetMessageFilter
SetGadgetOrder
LookupGadgetTicket
BuildInterpolation
GetActionTimeslice
InitGadgets
GetStdColorBrushF
AttachWndProcW
DUserPostEvent
GetMessageExW
EnumGadgets

mapistub

WrapProgress@20
FreePadrlist@4
CreateIProp@24
__ValidateParameters@8
SetAttribIMsgOnIStg@16
PpropFindProp@12
WrapCompressedRTFStream
cmc_free
FPropExists@8
OpenTnefStream
MAPIDeleteMail
OpenTnefStreamEx@32
InstallFilterHook@4
UlRelease@4
ScRelocProps@20
OpenStreamOnFile@24
ScDupPropset@16
HrSetOmiProvidersFlagsInvalid@4
MAPIReadMail
OpenStreamOnFile
cmc_send
BMAPIDetails
MAPIInitialize@4
MNLS_WideCharToMultiByte@32
ChangeIdleRoutine@28
DeregisterIdleRoutine@4
MAPILogoff
WrapCompressedRTFStream@12
UNKOBJ_ScSzFromIdsAlloc@20
MNLS_lstrcmpW@8

rtm

MgmGroupEnumerationStart
RtmCreateDestEnum
MgmInitialize
MgmDeRegisterMProtocol
RtmDeleteRouteTable
BestMatchInTable
RtmHoldDestination
RtmGetInstanceInfo
RtmDeleteRoute
RtmGetEntityMethods
RtmReleaseDestInfo
RtmBlockMethods
RtmCreateRouteListEnum
MgmReleaseInterfaceOwnership
RtmGetNextRoute
RtmReleaseNextHops
RtmGetNextHopPointer
RtmGetRouteAge
RtmBlockConvertRoutesToStatic
RtmGetExactMatchRoute
MgmTakeInterfaceOwnership
InsertIntoTable
RtmReferenceHandles
MgmGetProtocolOnInterface
RtmCreateRouteEnum
RtmDeleteEnumHandle
RtmGetMostSpecificDestination
RtmCreateRouteList

user32

IsDialogMessage
SetWindowsHookExA
LoadMenuW
GetTaskmanWindow
CheckDlgButton
GetScrollPos
ActivateKeyboardLayout
TrackPopupMenu
DdeImpersonateClient
RealGetWindowClassA
TranslateAcceleratorA
CreateMDIWindowW
GetKeyNameTextW
DdeCreateStringHandleA
SetDlgItemTextA
SetSystemCursor
MenuItemFromPoint
MB_GetString
GetDlgItemTextA
BroadcastSystemMessage
GetPropA
GetMenuDefaultItem
IsIconic
GetKeyboardType
CreateMDIWindowA
DdeAccessData
CsrBroadcastSystemMessageExW
SwitchToThisWindow
CharUpperBuffA
ChangeDisplaySettingsExW
SendIMEMessageExW
LoadMenuIndirectA
VkKeyScanW

Sections

.text
Size: 387KB - Virtual size: 387KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f687d7aafddf1fe57e761f28e0816c5a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

duser

mapistub

rtm

user32

Sections

.text Size: 387KB - Virtual size: 387KB

.rdata Size: 137KB - Virtual size: 137KB

.data Size: 180KB - Virtual size: 1.5MB

.rsrc Size: 125KB - Virtual size: 125KB

.reloc Size: 1024B - Virtual size: 968B

.text
Size: 387KB - Virtual size: 387KB

.rdata
Size: 137KB - Virtual size: 137KB

.data
Size: 180KB - Virtual size: 1.5MB

.rsrc
Size: 125KB - Virtual size: 125KB

.reloc
Size: 1024B - Virtual size: 968B