e7a734df45771d57becb076bfe719edafa992a9b69a3fc0386385818ef1e9ba6

Sharing

Copy URL Twitter E-mail

General

Target

e7a734df45771d57becb076bfe719edafa992a9b69a3fc0386385818ef1e9ba6
Size

258KB
MD5

895fdf3d7edb6d40e755cbf0c120cfb8
SHA1

d23739ce88155253c4615280d038e0188e694105
SHA256

e7a734df45771d57becb076bfe719edafa992a9b69a3fc0386385818ef1e9ba6
SHA512

8311366bcf9eed67aab7618cadded509b77957f59bfea6b76e91360beb63fa7803e5e46c31e7f9e4b216df87b743ab7299a4c962a2ee96271336ab2d143657e8
SSDEEP

6144:a94h9Zn5hwpjP/AcyyBiludZKrBPKJIcG3KkwmLz5dxx:aW/55hEj3CoElcG3KSLj

Score

N/A

Malware Config

Signatures

Files

e7a734df45771d57becb076bfe719edafa992a9b69a3fc0386385818ef1e9ba6
.exe windows x86

5559af5b7710388196e17023ba2d3fb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
SetErrorMode
LoadLibraryA
ExpandEnvironmentStringsA
DosDateTimeToFileTime
FreeLibrary
lstrcmpiW
lstrlenA
lstrlenW
GetLocalTime
GetExitCodeThread
GetLocaleInfoW
GetModuleHandleW
GetVersionExW
LoadLibraryW
OpenMutexW
GetFileAttributesW
GetExitCodeProcess
CreateEventW
WaitForSingleObject
GetModuleFileNameW
Sleep
CreateDirectoryW
GetTempPathW
GetLastError
RemoveDirectoryW
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
IsDebuggerPresent
CreateMutexW
GlobalAlloc
MultiByteToWideChar
GetProcAddress

user32

InvalidateRect
GetFocus
GetForegroundWindow
GetActiveWindow
IsWindow
DestroyIcon
LoadBitmapW
CopyRect
LoadImageW
LoadIconW
GetSystemMetrics
IsIconic
MessageBoxW
wsprintfW
PostMessageW
EnableWindow
SendMessageW

gdi32

CreateSolidBrush
CreatePen

advapi32

GetTokenInformation
LookupAccountSidW
DuplicateTokenEx
ImpersonateLoggedOnUser
SetThreadToken
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
GetUserNameW
RevertToSelf
OpenProcessToken

comctl32

ord17

oleaut32

VariantClear

shell32

ShellExecuteW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

mapistub

MAPIInitialize
cmc_read
DllGetClassObject
BMAPIResolveName
RTFSync
ScMAPIXFromSMAPI
BMAPISendMail
BMAPIGetAddress
OpenStreamOnFile
cmc_query_configuration

mssip32

CryptSIPVerifyIndirectData

Sections

.icode
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 82KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 131KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5559af5b7710388196e17023ba2d3fb3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

oleaut32

shell32

version

mapistub

mssip32

Sections

.icode Size: 8KB - Virtual size: 8KB

.edata Size: 3KB - Virtual size: 477KB

.edata Size: 3KB - Virtual size: 125KB

.text Size: 13KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 39KB

.edata Size: 82KB - Virtual size: 155KB

.data Size: 6KB - Virtual size: 294KB

.edata Size: 131KB - Virtual size: 183KB

.rsrc Size: 5KB - Virtual size: 5KB

.icode
Size: 8KB - Virtual size: 8KB

.edata
Size: 3KB - Virtual size: 477KB

.edata
Size: 3KB - Virtual size: 125KB

.text
Size: 13KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 39KB

.edata
Size: 82KB - Virtual size: 155KB

.data
Size: 6KB - Virtual size: 294KB

.edata
Size: 131KB - Virtual size: 183KB

.rsrc
Size: 5KB - Virtual size: 5KB