bb7a46bbe9ee29a8eb402f577da38e66f40c58cb8608804231dddcb8975f20a1

Sharing

Copy URL Twitter E-mail

General

Target

bb7a46bbe9ee29a8eb402f577da38e66f40c58cb8608804231dddcb8975f20a1
Size

134KB
MD5

3a1e564c6c3c269d3541d2f350bfa309
SHA1

31b49ed86dda6faddb477c3a7d55a9297b7746c7
SHA256

bb7a46bbe9ee29a8eb402f577da38e66f40c58cb8608804231dddcb8975f20a1
SHA512

d208ef001448e35e0d8219be19659602e8395cd99dc83a76e5e80ecfd3f930e8cbd99de181648d77f84d8e44d95a3671724305a12189c5e5d2e1b74733356bda
SSDEEP

3072:RoAwOyLRIkjtGmIQV5T/CF0SXe8/tGw2CC1Wm8pGcYGR+:1wRFIkBGIVR/CFzknCvgcYk+

Score

N/A

Malware Config

Signatures

Files

bb7a46bbe9ee29a8eb402f577da38e66f40c58cb8608804231dddcb8975f20a1
.exe windows x86

9c06d31c25a58d9607a727866befdcd2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clbcatq

CheckMemoryGates
SetupSave
OpenComponentLibraryOnMemEx
GetCatalogObject
CLSIDFromStringByBitness
CoRegCleanup
ComPlusMigrate
SetSetupSave
DeleteAllActivatorsForClsid
UpdateFromComponentChange
CreateComponentLibraryEx
DowngradeAPL
DllRegisterServer
DllGetClassObject
ServerGetApplicationType
DllUnregisterServer
UpdateFromAppChange
SetSetupOpen
InprocServer32FromString
GetComputerObject
ActivatorUpdateForIsRouterChanges
DllCanUnloadNow
GetCatalogObject2
GetSimpleTableDispenser
SetupOpen
OpenComponentLibraryOnStreamEx
OpenComponentLibraryEx

winmm

midiInStop
waveInGetPosition
joySetCapture
mciSendStringW
waveOutBreakLoop
mmioSendMessage
WOWAppExit
SendDriverMessage
mmioStringToFOURCCW
DrvGetModuleHandle
sndPlaySoundW
midiOutUnprepareHeader
mciLoadCommandResource
midiInClose
mciGetYieldProc
mixerGetID
auxOutMessage
waveOutGetDevCapsW
mmioOpenW
mmioRead
joyGetPosEx
mciExecute
CloseDriver
waveOutGetPosition
joyGetDevCapsA

wldap32

ldap_parse_result
ldap_get_values
ldap_create_sort_controlW
ldap_get_values_lenA
ber_bvfree
ldap_delete_sA
ber_first_element
ldap_search_init_page
ldap_modify_sW
ldap_count_references
ldap_searchW
ldap_first_attributeW
ldap_search_stW
ldap_modrdn2A
ldap_extended_operation_sW
LdapUnicodeToUTF8
ldap_set_dbg_flags
ldap_count_valuesA
ldap_rename_ext_sA
ldap_err2stringA
ldap_modrdn
ldap_get_next_page_s
ldap_count_values
ldap_modifyA

mapistub

FPropExists@8
HrSetOmiProvidersFlagsInvalid
UlPropSize@4
OpenTnefStream
MAPIOpenLocalFormContainer
BMAPIResolveName
MAPIUninitialize@0
DeinitMapiUtil@0
ScCountNotifications@12
BMAPIGetReadMail
FixMAPI@0
ScCopyProps@16
MAPILogonEx@20
UNKOBJ_ScCOAllocate@12
OpenIMsgOnIStg@44
CchOfEncoding@4

mscat32

MsCatFreeHashTag
CryptCATGetMemberInfo
CryptCATOpen
CryptCATCDFEnumCatAttributes
CryptCATAdminAddCatalog
CryptCATCDFEnumMembersByCDFTag
MsCatConstructHashTag
CryptCATAdminEnumCatalogFromHash
CryptCATCDFEnumAttributes
CryptCATCDFEnumMembersByCDFTagEx
CryptCATClose
CryptCATEnumerateCatAttr
DllUnregisterServer
DllRegisterServer

kernel32

BackupRead
GetPrivateProfileSectionA
LZStart
lstrcmpi
CreateMutexA
LoadLibraryW
ReadProcessMemory
GetLastError
CreateFileMappingA
FlushFileBuffers
GetConsoleAliasesLengthW
FreeEnvironmentStringsA
SetCriticalSectionSpinCount
CreateDirectoryA
GlobalFindAtomW
GetCurrentThread
SetConsoleTitleW
GetLocaleInfoW
GlobalFlags
RegisterWaitForInputIdle
GetModuleHandleW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c06d31c25a58d9607a727866befdcd2

Headers

File Characteristics

Imports

clbcatq

winmm

wldap32

mapistub

mscat32

kernel32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 30KB - Virtual size: 30KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 30KB - Virtual size: 30KB

.rsrc
Size: 6KB - Virtual size: 5KB