ad27603abb0f74b19f132483293cffd45073bebe231bd68add1eed0ee46a861e

Sharing

Copy URL Twitter E-mail

General

Target

ad27603abb0f74b19f132483293cffd45073bebe231bd68add1eed0ee46a861e
Size

46KB
MD5

5e5011a17899806b141243b366d47485
SHA1

faccaf9cfdf2980c6c155ad03c211c218a4f0888
SHA256

ad27603abb0f74b19f132483293cffd45073bebe231bd68add1eed0ee46a861e
SHA512

8ad3eabe37584a23f89689aa5fa620e3e2d960010a5de35f331dba36071fbacfb09735b81093d9b7e907bc3e944987d7352cc9ae26db890d3e55addd1634a91b
SSDEEP

768:Xt+gClbrgDbmmNpYeSOgjsVL2gL2Qzk9ES3Y14lc1g:oZlbUdbASigqTw4lcK

Score

N/A

Malware Config

Signatures

Files

ad27603abb0f74b19f132483293cffd45073bebe231bd68add1eed0ee46a861e
.exe windows x86

8a07d2cebeb0a6fe272170dfc4ccf9dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DeviceEventWorker
GetProcessWindowStation
DispatchMessageA
GetIconInfo
CountClipboardFormats
LockSetForegroundWindow
DdeUnaccessData
ShowWindowAsync
GetAppCompatFlags2
ChangeDisplaySettingsA
DdeGetQualityOfService
CreateDesktopA
TranslateMessageEx
DefFrameProcA
UserHandleGrantAccess
AppendMenuW
SetProcessDefaultLayout
DrawTextExW
CreateMDIWindowA
ScrollDC
DrawTextW
LoadCursorA
LoadImageW
GetWindow
IsServerSideWindow
EnumDisplaySettingsExA
CheckDlgButton
EnumClipboardFormats
OpenDesktopW
LoadCursorFromFileA

crypt32

CertCreateCTLContext
CertFindRDNAttr
CertGetCRLContextProperty
CryptImportPublicKeyInfoEx
RegCreateHKCUKeyExU
PFXImportCertStore
CertFreeCertificateChain
CertAddSerializedElementToStore
I_CryptCreateLruEntry
I_CryptRegisterSmartCardStore
CryptMsgCalculateEncodedLength
CryptSIPCreateIndirectData
CertGetNameStringA
CertGetEnhancedKeyUsage
CryptEncryptMessage
CryptGetMessageSignerCount
CertFreeCertificateChainEngine
CryptStringToBinaryW
CryptDecodeMessage
I_CryptGetLruEntryData
CertEnumPhysicalStore
CertSetEnhancedKeyUsage
CryptSignMessageWithKey
CryptSignCertificate
I_CryptWalkAllLruCacheEntries
CryptSignHashU
CryptMsgCountersign

clusapi

CreateClusterGroup
GetClusterGroupState
ClusterRegGetKeySecurity
ClusterNetworkOpenEnum
ClusterResourceTypeCloseEnum
CloseClusterNetwork
ClusterCloseEnum
GetClusterNetInterface
ClusterNetworkEnum
GetNodeClusterState
GetClusterNetworkState
GetClusterFromGroup
CloseClusterGroup
ClusterGroupOpenEnum
ClusterGroupControl
ClusterResourceGetEnumCount
SetClusterGroupNodeList
ClusterNetworkCloseEnum
CloseCluster
ClusterResourceTypeGetEnumCount
PauseClusterNode

mapi32

UlRelease@4
FPropExists@8
EnableIdleRoutine@8
FtDivFtBogus@20
WrapCompressedRTFStream@12
DeregisterIdleRoutine@4
GetOutlookVersion
FBadRglpszA@8
MAPIInitialize
cmc_logon
SzFindLastCh@8
FtgRegisterIdleRoutine@20
FtAdcFt@20
FtMulDw@12

cryptext

CryptExtAddCRL
CryptExtOpenSTRW
CryptExtAddCER
DllCanUnloadNow
CryptExtAddCTLW
CryptExtAddPFXW
CryptExtOpenCTLW
CryptExtAddPFX
CryptExtAddCERW
CryptExtAddSPC
CryptExtOpenCATW
CryptExtOpenCTL
CryptExtOpenCRL
CryptExtAddCRLW
CryptExtAddP7R
CryptExtOpenPKCS7W
CryptExtOpenCER
CryptExtOpenCRLW
CryptExtOpenP7R
CryptExtOpenCERW
CryptExtOpenCAT
CryptExtAddP7RW
CryptExtOpenPKCS7

kernel32

RtlCaptureContext
SetFileAttributesA
LockResource
LoadLibraryW
AddRefActCtx
CreateSemaphoreW
InterlockedIncrement
GetModuleHandleW
SetConsoleCursorMode
GetCurrentThread
GetLocaleInfoW
DeleteFiber
SetConsoleHardwareState
FreeUserPhysicalPages
GetSystemTime
ExpandEnvironmentStringsA
Process32FirstW
FindResourceExW
GetSystemWindowsDirectoryW
FindResourceW
QueryPerformanceCounter
FindFirstVolumeMountPointW
FreeLibraryAndExitThread
HeapLock
SetClientTimeZoneInformation
GetSystemWow64DirectoryA
GetVolumeNameForVolumeMountPointA
GetConsoleTitleW
LZOpenFileW
OpenThread
GetModuleHandleExW
GetSystemTimeAdjustment
CreateEventA

gdi32

GdiPlayJournal
AnimatePalette
GetRgnBox
ResetDCA
EngQueryEMFInfo
GetHFONT
OffsetWindowOrgEx
PATHOBJ_bEnumClipLines
GetTextExtentExPointWPri
GdiEndDocEMF
CreateMetaFileW
CreateHatchBrush
SetColorSpace

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 438B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a07d2cebeb0a6fe272170dfc4ccf9dd

Headers

DLL Characteristics

File Characteristics

Imports

user32

crypt32

clusapi

mapi32

cryptext

kernel32

gdi32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 438B

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 438B

.rsrc
Size: 6KB - Virtual size: 5KB