c6abff09abe66a8596afc396f3d4868fcab1702ca1aca402e7b162a230ccffb6

Sharing

Copy URL Twitter E-mail

General

Target

c6abff09abe66a8596afc396f3d4868fcab1702ca1aca402e7b162a230ccffb6
Size

390KB
MD5

fdb961d0cdd3e782517b1c3244d39a1d
SHA1

9ab538a77a04cfd7bd27c4486cc2c51a01ead411
SHA256

c6abff09abe66a8596afc396f3d4868fcab1702ca1aca402e7b162a230ccffb6
SHA512

c1ce7351ae06eeab402c9d3b5e1a79f71f27d4c63d2dd85231fe94ca82e1ae2189717ba15832aefda1df9d2ddebd2f3a95df909a684cc1e432b4d8a92ffb83e4
SSDEEP

12288:6jmL7o4k8D9CfszHWNGVaxFjFG3G9u6aAI1/ztZ:6jpgD9Cfsa7FjGG9HaAI17t

Score

N/A

Malware Config

Signatures

Files

c6abff09abe66a8596afc396f3d4868fcab1702ca1aca402e7b162a230ccffb6
.exe windows x86

1b288b7fb70c5b467fb356c5aaa54758

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

netapi32

NetShareEnum

setupapi

SetupOpenInfFileW
SetupFindNextLine
SetupGetStringFieldW

syssetup

AsrRestorePlugPlayRegistryData
AsrCreateStateFileW
AsrAddSifEntryW

ole32

CoTaskMemFree
StringFromGUID2

rpcrt4

UuidToStringW

msacm32

acmMessage32
acmFormatEnumW
acmFilterTagDetailsW
acmStreamClose
acmFormatTagEnumW
acmFormatTagDetailsW
acmFormatDetailsA
acmFilterDetailsA
acmDriverClose
acmFilterTagDetailsA
acmDriverMessage
acmStreamOpen
acmFilterTagEnumA
acmStreamReset
acmDriverAddW

kernel32

SetFileAttributesW
GetUserDefaultLCID
LoadLibraryW
GetProcessHeap
GetVolumeInformationW
FindFirstFileW
HeapAlloc
GetExitCodeThread
SetLastError
SetTapeParameters
GetCompressedFileSizeW
FindResourceW
GetLastError
VirtualFree
GetDriveTypeW
LoadResource
LocalFileTimeToFileTime
LocalAlloc
BackupRead
GetStartupInfoW
PrepareTape
GetVersionExA
GetFileInformationByHandle
GetCurrentProcess
GetWindowsDirectoryW
GetCurrentProcessId
CreateSemaphoreW
CloseHandle
VirtualAlloc
LocalFree
LoadLibraryA
WaitForSingleObject
UnhandledExceptionFilter
HeapSize
GetTimeFormatW
MoveFileExW
GetSystemDirectoryW
Sleep

comctl32

DestroyPropertySheetPage

mapi32

BMAPIGetReadMail
BMAPIFindNext
BMAPIGetAddress
MAPIDeleteMail
MAPIDetails
ScMAPIXFromSMAPI
RTFSync
ScMAPIXFromCMC
cmc_logoff
cmc_look_up

gdi32

CreateFontIndirectW
Rectangle
CreateBitmap

ntdll

NtQueryQuotaInformationFile
NtSetQuotaInformationFile
wcstoul

advapi32

QueryServiceStatus
InitializeSecurityDescriptor
OpenThreadToken
EnumDependentServicesW
RegisterEventSourceW
RegOpenKeyW
SetFileSecurityW
RegDeleteValueW

msorcl32

SQLDriverConnect
SQLPutData
SQLProcedures
SQLConnect
SQLExtendedFetch
SQLAllocStmt
SQLGetData
SQLColAttributes
SQLGetTypeInfo
SQLBindParameter
SQLGetConnectOption
SQLProcedureColumns
SQLFreeConnect
SQLNumParams
SQLTables
SQLTransact

user32

ChildWindowFromPoint
IsWindow
LoadMenuW
GetFocus
MonitorFromWindow
EnableWindow
DeleteMenu
GetWindowLongW
ReleaseDC
KillTimer
SetWindowsHookExW
DestroyWindow
GetActiveWindow
wvsprintfW
CreateIconIndirect
ClientToScreen
GetCapture
GetDesktopWindow
IsIconic
GetParent
LoadIconW
ShowWindow
PostQuitMessage
SetWindowLongW
CreateDialogParamW

Sections

.text
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b288b7fb70c5b467fb356c5aaa54758

Headers

DLL Characteristics

File Characteristics

Imports

netapi32

setupapi

syssetup

ole32

rpcrt4

msacm32

kernel32

comctl32

mapi32

gdi32

ntdll

advapi32

msorcl32

user32

Sections

.text Size: 251KB - Virtual size: 251KB

.data Size: 41KB - Virtual size: 41KB

.rsrc Size: 96KB - Virtual size: 748KB

.text
Size: 251KB - Virtual size: 251KB

.data
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 96KB - Virtual size: 748KB