c2fe862faefb47a6244e0379f19d89e9142c245e90311b3428b1663aa78bbb31

Sharing

Copy URL Twitter E-mail

General

Target

c2fe862faefb47a6244e0379f19d89e9142c245e90311b3428b1663aa78bbb31
Size

416KB
MD5

c0159125d5002998e7ff6a4a156a6129
SHA1

2228ab7757f3dbfe47ca91e135de75541fb2894a
SHA256

c2fe862faefb47a6244e0379f19d89e9142c245e90311b3428b1663aa78bbb31
SHA512

cdaf900b97467c396a0dd6d3bacd7dda25eb9f0417e656857118bbfeb45942f6eef97411e5132aa9ba07f9c11071db6e726f1430a6b7026c7ced85f4c3826223
SSDEEP

12288:5pi35khF0O9DMq9vpvqSviycbZKJNBAfcrlLuV9777:5wkhF0yyl9vCB69777

Score

N/A

Malware Config

Signatures

Files

c2fe862faefb47a6244e0379f19d89e9142c245e90311b3428b1663aa78bbb31
.exe windows x86

98a2fbd621f177613d880c122b4197fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mapistub

UlRelease@4
ScMAPIXFromCMC
FGetComponentPath@20
MAPIFreeBuffer@4
cmc_logon
HrValidateParameters@8
HrDecomposeMsgID@24
MAPIResolveName
MNLS_WideCharToMultiByte@32
DeinitMapiUtil@0
FtAddFt@16
MNLS_lstrcmpW@8
UlPropSize@4

kernel32

_hwrite
GetConsoleInputExeNameA
Thread32First
CreateRemoteThread
LocalReAlloc
GetProcessIoCounters
GetThreadSelectorEntry
DeleteFileW
MoveFileExW
HeapFree
GenerateConsoleCtrlEvent
LockFile
ReleaseMutex
VirtualAlloc
GetCurrentDirectoryW
ExitProcess
FindFirstFileW
RequestWakeupLatency
ReadFile

msvcrt20

_CIatan2
_wstrtime
??Bios@@QBEPAXXZ
setlocale
?delbuf@ios@@QAEXH@Z
?rdbuf@ios@@QBEPAVstreambuf@@XZ
strspn
strcoll
fwprintf
wcscoll
_dup2
?is_open@filebuf@@QBEHXZ
??4istream@@IAEAAV0@ABV0@@Z

ntdll

LdrShutdownProcess
LdrSetDllManifestProber
RtlLargeIntegerArithmeticShift
ZwWaitLowEventPair
RtlUnicodeToMultiByteSize
NtCreateJobSet
RtlGetLengthWithoutTrailingPathSeperators
_strupr
RtlUnhandledExceptionFilter
_CIpow
RtlLockMemoryStreamRegion
RtlReAllocateHeap
NtQueryInformationPort

winscard

SCardAddReaderToGroupA
SCardReconnect
SCardIsValidContext
SCardListInterfacesW
SCardListReadersW
SCardAddReaderToGroupW
SCardCancel
SCardRemoveReaderFromGroupA
SCardListInterfacesA
SCardGetAttrib
SCardAccessStartedEvent
SCardReleaseAllEvents
SCardListReaderGroupsW
g_rgSCardT1Pci
SCardBeginTransaction
SCardIntroduceReaderGroupW
SCardStatusA

user32

GetMenu
GetWindowDC
GetParent

opengl32

glColor4ub
glMultMatrixf
glFogiv
glVertex3iv
glVertex4s
wglGetLayerPaletteEntries
glTexCoord3d
glRotated
glLightModelf
glTexCoord2dv
glFeedbackBuffer
glVertex2d
glColor3dv
glPixelMapfv

Sections

.text
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat_55
Size: 119KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98a2fbd621f177613d880c122b4197fd

Headers

DLL Characteristics

File Characteristics

Imports

mapistub

kernel32

msvcrt20

ntdll

winscard

user32

opengl32

Sections

.text Size: 205KB - Virtual size: 205KB

.rdata Size: 84KB - Virtual size: 84KB

.idat_55 Size: 119KB - Virtual size: 1.6MB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 512B - Virtual size: 302B

.text
Size: 205KB - Virtual size: 205KB

.rdata
Size: 84KB - Virtual size: 84KB

.idat_55
Size: 119KB - Virtual size: 1.6MB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 512B - Virtual size: 302B