007d20703ffa8a1c28f0ce499336b661ad18d36d1d84870c7453feff541c0e03

Sharing

Copy URL Twitter E-mail

General

Target

007d20703ffa8a1c28f0ce499336b661ad18d36d1d84870c7453feff541c0e03
Size

132KB
MD5

0fda5c995c000a34208118bd46594f32
SHA1

65d2e7492fc2fcae01df9ed5629a1cbee9334470
SHA256

007d20703ffa8a1c28f0ce499336b661ad18d36d1d84870c7453feff541c0e03
SHA512

823ed11555b78d960390bdb19f92ede41b0b523c97a4551ada11349d5f6ca46662ec94a92f060ff683f827344abecca00ac320060cae77f9449eadc077af4065
SSDEEP

3072:ds7LMZXdc8hUGULMpyCwekmS1YnkxasKynnCXCEfXurK2bRCZLvq2:dsHMlRpyBmxnSnCXCrK4R8v

Score

N/A

Malware Config

Signatures

Files

007d20703ffa8a1c28f0ce499336b661ad18d36d1d84870c7453feff541c0e03
.exe windows x86

e48961060f2a472a42980b77a5d02881

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
CreateMailslotW
FindNextChangeNotification
GetCurrencyFormatA
GetVersion
lstrcpynA
GetCommModemStatus
VerifyVersionInfoW
UpdateResourceA
GetLocaleInfoW
PrivCopyFileExW
OpenWaitableTimerW
GetCurrentThread
GetWindowsDirectoryW
GetNumberFormatW
SetConsoleWindowInfo
GetWindowsDirectoryA
SetCurrentDirectoryW
BeginUpdateResourceA
GlobalFlags
FindResourceExA
GetModuleHandleW
LockResource
SetPriorityClass
VerifyVersionInfoA
ReleaseSemaphore
SetTermsrvAppInstallMode
QueryMemoryResourceNotification

userenv

RsopFileAccessCheck
LeaveCriticalPolicySection
GetProfileType
GetPreviousFgPolicyRefreshInfo
ForceSyncFgPolicy
DllRegisterServer
GetUserProfileDirectoryA
WaitForMachinePolicyForegroundProcessing
RefreshPolicyEx
RegisterGPNotification
GetAppliedGPOListA
GetDefaultUserProfileDirectoryW
FreeGPOListW
GetGPOListW
LoadUserProfileA
RefreshPolicy
GetProfilesDirectoryA
GetAllUsersProfileDirectoryW
GetUserProfileDirectoryW
ExpandEnvironmentStringsForUserA
DllUnregisterServer
UnregisterGPNotification
GetDefaultUserProfileDirectoryA
CreateEnvironmentBlock
GetAppliedGPOListW
WaitForUserPolicyForegroundProcessing

mapistub

HrQueryAllRows@24
MNLS_WideCharToMultiByte@32
SzFindLastCh@8
DllGetClassObject
ScLocalPathFromUNC@12
HrSzFromEntryID@12
ScUNCFromLocalPath@12
cmc_list
FPropContainsProp@12
UlPropSize@4
LAUNCHWIZARD
HrAddColumnsEx@20
FBadRowSet@4
LpValFindProp@12
DeinitMapiUtil@0
FixMAPI@0

msvcrt

iswcntrl
_wcsnicoll
__set_app_type
__getmainargs
_wfdopen
_strcmpi
memset
??_Gexception@@UAEPAXI@Z
_wcreat
strstr
_wcstoi64
_flushall
_get_osfhandle
_cwait
_mktemp
_isctype
exit
?_set_new_mode@@YAHH@Z
__p__commode
_flsbuf
localeconv
_outpd
_atoldbl
__wgetmainargs
_outp
_aligned_offset_malloc

kbdgr

KbdLayerDescriptor

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e48961060f2a472a42980b77a5d02881

Headers

File Characteristics

Imports

kernel32

userenv

mapistub

msvcrt

kbdgr

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 21KB - Virtual size: 21KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 3KB - Virtual size: 3KB