a2d64ea195492c8ee7b565400d89468e9e1efb4bb2704e5a677eba22e0d3bbcc

Sharing

Copy URL

Twitter E-mail

General

Target

a2d64ea195492c8ee7b565400d89468e9e1efb4bb2704e5a677eba22e0d3bbcc
Size

824KB
MD5

6e86ca1926884109dbf642d373d730bd
SHA1

8945aca642675fd262cd73b31568f2ed403cb01d
SHA256

a2d64ea195492c8ee7b565400d89468e9e1efb4bb2704e5a677eba22e0d3bbcc
SHA512

f6d51178739de46824f6e9d6f24aa9e355aa4d30faee6eb681b8ab50ae7541de04f4ce14ebb7a82632081b33110328627318200107edbb4b137158808e42d25d
SSDEEP

12288:fBPyQzNCLbFpqAdOrDAzCdFhNk2qggzlIWESEDtnAh4J/Ld19dzFY++knY:gsNCf1z8F/k3gd1Vb1Rz+j

Score

N/A

Malware Config

Signatures

Files

a2d64ea195492c8ee7b565400d89468e9e1efb4bb2704e5a677eba22e0d3bbcc
.exe windows x86

d7b99e77284506b6dbf79d5a5a27c2ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mapi32

SwapPlong@8
MAPIAllocateBuffer
FtSubFt@16
LAUNCHWIZARD
GetAttribIMsgOnIStg@12
ScMAPIXFromSMAPI
CchOfEncoding@4
FBadEntryList@4
ScDupPropset@16
OpenTnefStream@28
HrDecomposeMsgID@24
UlRelease@4
FBadRglpNameID@8
HrDecomposeEID@28
HrSetOmiProvidersFlagsInvalid
LaunchWizard@20
__CPPValidateParameters@8

user32

GetCursorInfo
GetClassLongW
keybd_event
MapVirtualKeyW
InvalidateRect
SoftModalMessageBox
DestroyCaret
TranslateAcceleratorA
UpdatePerUserSystemParameters
SetWindowStationUser
EnumThreadWindows
CallMsgFilterA
IntersectRect
DrawTextExW
DdeDisconnectList

kernel32

GetConsoleAliasesLengthW
RestoreLastError
CreateTimerQueueTimer
FreeResource
EnumTimeFormatsA
LoadLibraryW
GlobalDeleteAtom
BindIoCompletionCallback
GetCurrentThread
GetConsoleCommandHistoryA
HeapCompact
FindFirstVolumeA
GetFileAttributesExW
SetComputerNameExW
GetModuleHandleW
DisconnectNamedPipe
VirtualAllocEx
lstrcpyA
FreeLibrary
ClearCommError
Heap32ListNext
GetSystemWow64DirectoryA
GetPriorityClass
GetLocaleInfoW

oleaut32

VarI8FromUI8
VarCyFromUI8
SysReAllocString
VarTokenizeFormatString
VarDecFromDisp
OleCreateFontIndirect
VarI8FromCy
VarIdiv
VarCyCmpR8
VarBstrFromI4
OleLoadPictureFile
VarR8FromI4
SafeArrayDestroy
VarPow
VarNeg
SafeArrayGetLBound
VarDecNeg
SafeArrayGetDim
VarUI8FromI1
VarR8Round
VarOr
VARIANT_UserMarshal
VarMul
VarFix
VarI2FromI4
BstrFromVector

mgmtapi

SnmpMgrOpen
SnmpMgrCtl
SnmpMgrGetTrap
SnmpMgrTrapListen
SnmpMgrOidToStr
SnmpMgrStrToOid
SnmpMgrGetTrapEx
SnmpMgrClose
SnmpMgrRequest

Sections

.text
Size: 387KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7b99e77284506b6dbf79d5a5a27c2ee

Headers

DLL Characteristics

File Characteristics

Imports

mapi32

user32

kernel32

oleaut32

mgmtapi

Sections

.text Size: 387KB - Virtual size: 386KB

.rdata Size: 105KB - Virtual size: 104KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 172KB - Virtual size: 172KB

.reloc Size: 1024B - Virtual size: 860B

.text
Size: 387KB - Virtual size: 386KB

.rdata
Size: 105KB - Virtual size: 104KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 172KB - Virtual size: 172KB

.reloc
Size: 1024B - Virtual size: 860B