8f1a7ac0a2ec1a71c54937f009167c69790c68cd3168d37b0006545331bbc5b1

Sharing

Copy URL Twitter E-mail

General

Target

8f1a7ac0a2ec1a71c54937f009167c69790c68cd3168d37b0006545331bbc5b1
Size

56KB
MD5

373fcf434281bb5704b99e40de36b960
SHA1

f608f52976dafade2d010d75247c807b940da9fe
SHA256

8f1a7ac0a2ec1a71c54937f009167c69790c68cd3168d37b0006545331bbc5b1
SHA512

b6201653bf0cf4d8d7acac1610bbf3756aeac6bc945f306a6ffe7d35b2bc23d02cbaacdb63c80f2c5e532b01af6d1d5450e3bdf8778d3e7eda976f13834ac5fd
SSDEEP

768:9xpwDUNiF2dteycoLuZh2Y8t8ot25eGApXREny8v5ssXwQJ2eo:7+YkWeyIZhat8ot2MJR6xXXfo

Score

N/A

Malware Config

Signatures

Files

8f1a7ac0a2ec1a71c54937f009167c69790c68cd3168d37b0006545331bbc5b1
.exe windows x86

38ef34fe319bbb1be1dd83d66aa5d5e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
GlobalAlloc
CreateEventW
OpenEventW
GetCurrentProcessId
CreateSemaphoreW
GetSystemTime
GetModuleFileNameW
GetProcessHeap
HeapCreate
lstrlenA
ExitProcess
GetShortPathNameA
GetModuleFileNameA
MultiByteToWideChar
CreateMutexW
FreeLibrary
LoadLibraryW
GetSystemInfo
GetVersionExA
ExpandEnvironmentStringsW
CreateDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemDirectoryW
LoadLibraryA
GetVolumeInformationW
LocalFree
WaitForMultipleObjects
OpenEventA
GetLastError
GetFileAttributesW
Sleep
InitializeCriticalSection
GetCurrentThread
GetTickCount
SetEvent
WaitForSingleObject
GetCurrentProcess
lstrcpynA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetStartupInfoA
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
GetModuleHandleA
TlsAlloc
GetCurrentThreadId
GetEnvironmentStringsW
BeginUpdateResourceW
GetProcAddress

user32

CharPrevA
CharUpperA

advapi32

AccessCheck
RegSetValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetTraceEnableLevel
UnregisterTraceGuids
RegisterTraceGuidsA
GetTraceLoggerHandle
GetTraceEnableFlags
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegQueryValueExA
ReportEventW
DeregisterEventSource
RegisterEventSourceW
DuplicateToken
RevertToSelf
ImpersonateLoggedOnUser
AdjustTokenPrivileges
GetNamedSecurityInfoW
LookupPrivilegeValueA
MapGenericMask
TraceMessage
OpenThreadToken
OpenProcessToken

rpcrt4

RpcServerRegisterIf
RpcServerListen
RpcMgmtStopServerListening
RpcImpersonateClient
RpcServerUnregisterIf
RpcRevertToSelf
RpcServerUseProtseqEpA
NdrServerCall2

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

msasn1

ASN1ztcharstring_free
ASN1_CloseEncoder
ASN1BEREncCheck
ASN1BERDecSXVal
ASN1bitstring_cmp
ASN1_Decode
ASN1BERDecEoid
ASN1BERDecDouble
ASN1BEREncOpenType
ASN1BERDecNull
ASN1ztchar32string_free
ASN1intxisuint32
ASN1_CreateEncoder
ASN1char16string_free

mapi32

BMAPISaveMail
cmc_look_up
cmc_list
cmc_free
MAPIAdminProfiles

Sections

.text
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxSB
Size: 1KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dpG
Size: 3KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nuiCQ
Size: 2KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.myp
Size: 1KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 6KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YkkH
Size: 3KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38ef34fe319bbb1be1dd83d66aa5d5e4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

rpcrt4

version

msasn1

mapi32

Sections

.text Size: 1024B - Virtual size: 650B

.sxSB Size: 1KB - Virtual size: 243KB

.text Size: 14KB - Virtual size: 14KB

.dpG Size: 3KB - Virtual size: 161KB

.rdata Size: 3KB - Virtual size: 42KB

.nuiCQ Size: 2KB - Virtual size: 317KB

.edata Size: 8KB - Virtual size: 38KB

.myp Size: 1KB - Virtual size: 194KB

.data Size: 7KB - Virtual size: 250KB

.edata Size: 6KB - Virtual size: 60KB

.YkkH Size: 3KB - Virtual size: 364KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 1024B - Virtual size: 650B

.sxSB
Size: 1KB - Virtual size: 243KB

.text
Size: 14KB - Virtual size: 14KB

.dpG
Size: 3KB - Virtual size: 161KB

.rdata
Size: 3KB - Virtual size: 42KB

.nuiCQ
Size: 2KB - Virtual size: 317KB

.edata
Size: 8KB - Virtual size: 38KB

.myp
Size: 1KB - Virtual size: 194KB

.data
Size: 7KB - Virtual size: 250KB

.edata
Size: 6KB - Virtual size: 60KB

.YkkH
Size: 3KB - Virtual size: 364KB

.rsrc
Size: 3KB - Virtual size: 2KB