18fb2f20f865ef00de1626e5ad617bdd6ca0cfe6bd897d250cb0985d9167b999

Sharing

Copy URL Twitter E-mail

General

Target

18fb2f20f865ef00de1626e5ad617bdd6ca0cfe6bd897d250cb0985d9167b999
Size

132KB
MD5

96277518f852234d22bc591108aa5c20
SHA1

c7fdf05f47863f882dfc5bc8eb582aebf2fac591
SHA256

18fb2f20f865ef00de1626e5ad617bdd6ca0cfe6bd897d250cb0985d9167b999
SHA512

84bcea3aa647ce13e10d6cd995c8dd8badf1ef9155973f31795f3621adf3c1d67bf4b2c709e4c0449faa4898cce0a10ca53572386112022d931048e7abe4ad45
SSDEEP

3072:ds7LMZXdc8hUGULMpyCwekmS1YnkxasKynnCXCEfXurK2bRCZLvqH:dsHMlRpyBmxnSnCXCrK4R8C

Score

N/A

Malware Config

Signatures

Files

18fb2f20f865ef00de1626e5ad617bdd6ca0cfe6bd897d250cb0985d9167b999
.exe windows x86

e48961060f2a472a42980b77a5d02881

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
CreateMailslotW
FindNextChangeNotification
GetCurrencyFormatA
GetVersion
lstrcpynA
GetCommModemStatus
VerifyVersionInfoW
UpdateResourceA
GetLocaleInfoW
PrivCopyFileExW
OpenWaitableTimerW
GetCurrentThread
GetWindowsDirectoryW
GetNumberFormatW
SetConsoleWindowInfo
GetWindowsDirectoryA
SetCurrentDirectoryW
BeginUpdateResourceA
GlobalFlags
FindResourceExA
GetModuleHandleW
LockResource
SetPriorityClass
VerifyVersionInfoA
ReleaseSemaphore
SetTermsrvAppInstallMode
QueryMemoryResourceNotification

userenv

RsopFileAccessCheck
LeaveCriticalPolicySection
GetProfileType
GetPreviousFgPolicyRefreshInfo
ForceSyncFgPolicy
DllRegisterServer
GetUserProfileDirectoryA
WaitForMachinePolicyForegroundProcessing
RefreshPolicyEx
RegisterGPNotification
GetAppliedGPOListA
GetDefaultUserProfileDirectoryW
FreeGPOListW
GetGPOListW
LoadUserProfileA
RefreshPolicy
GetProfilesDirectoryA
GetAllUsersProfileDirectoryW
GetUserProfileDirectoryW
ExpandEnvironmentStringsForUserA
DllUnregisterServer
UnregisterGPNotification
GetDefaultUserProfileDirectoryA
CreateEnvironmentBlock
GetAppliedGPOListW
WaitForUserPolicyForegroundProcessing

mapistub

HrQueryAllRows@24
MNLS_WideCharToMultiByte@32
SzFindLastCh@8
DllGetClassObject
ScLocalPathFromUNC@12
HrSzFromEntryID@12
ScUNCFromLocalPath@12
cmc_list
FPropContainsProp@12
UlPropSize@4
LAUNCHWIZARD
HrAddColumnsEx@20
FBadRowSet@4
LpValFindProp@12
DeinitMapiUtil@0
FixMAPI@0

msvcrt

iswcntrl
_wcsnicoll
__set_app_type
__getmainargs
_wfdopen
_strcmpi
memset
??_Gexception@@UAEPAXI@Z
_wcreat
strstr
_wcstoi64
_flushall
_get_osfhandle
_cwait
_mktemp
_isctype
exit
?_set_new_mode@@YAHH@Z
__p__commode
_flsbuf
localeconv
_outpd
_atoldbl
__wgetmainargs
_outp
_aligned_offset_malloc

kbdgr

KbdLayerDescriptor

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e48961060f2a472a42980b77a5d02881

Headers

File Characteristics

Imports

kernel32

userenv

mapistub

msvcrt

kbdgr

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 21KB - Virtual size: 21KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 3KB - Virtual size: 3KB