d522dd86767190aa7f438bf4c9ba22a3

Sharing

Copy URL Twitter E-mail

General

Target

d522dd86767190aa7f438bf4c9ba22a3
Size

22KB
MD5

d522dd86767190aa7f438bf4c9ba22a3
SHA1

622a957cdca426f8634471f46b1eac2e9f2923e8
SHA256

ddb8cfaa4c3947bb512d10b0425ab4a8f05228405c847cbd929582627856872f
SHA512

ccc7465f4de49a6b15ae53dfb63ec31234bf05535e67e9d4d09a97fba1699b0e4c8cc0ef0159d0d1447211a02e72411b1fdffb5c748dc93d35f49d18ac887bb5
SSDEEP

384:ms9uOO7mlho8MEUDNRvuFrIkTnS/L6a90D8D8D8DuxrCVK:rEOO4ho3lNRmtI4a+a90D8D8D8DUL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d522dd86767190aa7f438bf4c9ba22a3

Files

d522dd86767190aa7f438bf4c9ba22a3
.exe windows:5 windows x86 arch:x86

520d2bf34165fc830e9ad28cf08a040c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
VirtualAlloc
TzSpecificLocalTimeToSystemTime
VirtualProtectEx
FindFirstFileA
IsBadStringPtrA
WriteConsoleInputVDMW
GetTickCount
ReplaceFileW
GetCompressedFileSizeW
OpenConsoleW
SetSystemTime
GetCurrentProcessId
HeapReAlloc
SetFileShortNameW
SetCalendarInfoA
GetCurrentThreadId
CreateToolhelp32Snapshot
RegisterConsoleIME
FindVolumeClose
BaseCheckAppcompatCache
QueryPerformanceCounter

crtdll

asin
__dllonexit
_chdrive
floor
wcscmp
_getw
_strtime
__argc_dll
_wcsnicmp
_lfind
_open_osfhandle
_getsystime
__mb_cur_max_dll
_itow

user32

PeekMessageA
DdeConnect
SetWindowTextA
ArrangeIconicWindows
AttachThreadInput
OemToCharBuffW
MapWindowPoints
SetWindowStationUser
SetInternalWindowPos
ToAsciiEx
SwitchDesktop
DrawStateW
GetWindowInfo
RedrawWindow
GetMonitorInfoW
SetProcessDefaultLayout

mapistub

HrIStorageFromStream@16
CbOfEncoded@4
GetAttribIMsgOnIStg@12
MAPIAllocateBuffer@8
HrQueryAllRows@24
SzFindCh@8
UNKOBJ_ScCOAllocate@12
ScCopyNotifications@16
BMAPIDetails
BMAPISaveMail
FGetComponentPath@20
BMAPISendMail
WrapCompressedRTFStream
OpenIMsgSession@12
MAPISendDocuments

query

??0CColumnSet@@QAE@I@Z
??0CStandardPropMapper@@QAE@XZ
?DisableVPathNotify@CMetaDataMgr@@QAEXXZ
??0CFullPath@@QAE@PBGI@Z
??0CCategorizationSet@@QAE@I@Z
?GetCGIVariable@CWebServer@@QAEHPBDAAV?$XArray@G@@AAK@Z
??0CQueryScanner@@QAE@PBGHKH@Z
??1CPropertyStore@@QAE@XZ
?SetProperty@CDbColId@@QAEHPBG@Z
??0CLangList@@QAE@PAUICiCLangRes@@K@Z
?Shutdown@CWorkQueue@@QAEXXZ
?ReturnBuffer@CPhysStorage@@QAEXKHH@Z

opengl32

glIndexd
glFrontFace
glRasterPos4d
glFeedbackBuffer
glReadBuffer
glGetTexLevelParameterfv
glPixelMapusv
glEvalCoord1d
wglSwapLayerBuffers
glRectdv
glColor3fv
glNormalPointer
glNormal3bv
glColor4uiv
glDeleteTextures

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 655B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

520d2bf34165fc830e9ad28cf08a040c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

crtdll

user32

mapistub

query

opengl32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 655B

.data Size: 512B - Virtual size: 124B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 655B

.data
Size: 512B - Virtual size: 124B

.rsrc
Size: 4KB - Virtual size: 3KB