7ad645f3ceb08680895cb840557c41250dfaefd6566f09eef5b39f3693a5cd15

Sharing

Copy URL

Twitter E-mail

General

Target

7ad645f3ceb08680895cb840557c41250dfaefd6566f09eef5b39f3693a5cd15
Size

132KB
MD5

328db0b2540dcbd9d7de4c6470c9467e
SHA1

9ae8b208cf7a12e5616648b092812f9fa5ce16ed
SHA256

7ad645f3ceb08680895cb840557c41250dfaefd6566f09eef5b39f3693a5cd15
SHA512

ba0109f86d1173b9ff65ff06eb8f833619366012d0334ea7504299c819f1debcb323dd09c59d60469c7ac35a164d82a692be18494eaa087f6c1557bd0ae5f6d4
SSDEEP

3072:ds7LMZXdc8hUGULMpyCwekmS1YnkxasKynnCXCEfXurK2bRCZLvq1:dsHMlRpyBmxnSnCXCrK4R8Y

Score

N/A

Malware Config

Signatures

Files

7ad645f3ceb08680895cb840557c41250dfaefd6566f09eef5b39f3693a5cd15
.exe windows x86

e48961060f2a472a42980b77a5d02881

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
CreateMailslotW
FindNextChangeNotification
GetCurrencyFormatA
GetVersion
lstrcpynA
GetCommModemStatus
VerifyVersionInfoW
UpdateResourceA
GetLocaleInfoW
PrivCopyFileExW
OpenWaitableTimerW
GetCurrentThread
GetWindowsDirectoryW
GetNumberFormatW
SetConsoleWindowInfo
GetWindowsDirectoryA
SetCurrentDirectoryW
BeginUpdateResourceA
GlobalFlags
FindResourceExA
GetModuleHandleW
LockResource
SetPriorityClass
VerifyVersionInfoA
ReleaseSemaphore
SetTermsrvAppInstallMode
QueryMemoryResourceNotification

userenv

RsopFileAccessCheck
LeaveCriticalPolicySection
GetProfileType
GetPreviousFgPolicyRefreshInfo
ForceSyncFgPolicy
DllRegisterServer
GetUserProfileDirectoryA
WaitForMachinePolicyForegroundProcessing
RefreshPolicyEx
RegisterGPNotification
GetAppliedGPOListA
GetDefaultUserProfileDirectoryW
FreeGPOListW
GetGPOListW
LoadUserProfileA
RefreshPolicy
GetProfilesDirectoryA
GetAllUsersProfileDirectoryW
GetUserProfileDirectoryW
ExpandEnvironmentStringsForUserA
DllUnregisterServer
UnregisterGPNotification
GetDefaultUserProfileDirectoryA
CreateEnvironmentBlock
GetAppliedGPOListW
WaitForUserPolicyForegroundProcessing

mapistub

HrQueryAllRows@24
MNLS_WideCharToMultiByte@32
SzFindLastCh@8
DllGetClassObject
ScLocalPathFromUNC@12
HrSzFromEntryID@12
ScUNCFromLocalPath@12
cmc_list
FPropContainsProp@12
UlPropSize@4
LAUNCHWIZARD
HrAddColumnsEx@20
FBadRowSet@4
LpValFindProp@12
DeinitMapiUtil@0
FixMAPI@0

msvcrt

iswcntrl
_wcsnicoll
__set_app_type
__getmainargs
_wfdopen
_strcmpi
memset
??_Gexception@@UAEPAXI@Z
_wcreat
strstr
_wcstoi64
_flushall
_get_osfhandle
_cwait
_mktemp
_isctype
exit
?_set_new_mode@@YAHH@Z
__p__commode
_flsbuf
localeconv
_outpd
_atoldbl
__wgetmainargs
_outp
_aligned_offset_malloc

kbdgr

KbdLayerDescriptor

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e48961060f2a472a42980b77a5d02881

Headers

File Characteristics

Imports

kernel32

userenv

mapistub

msvcrt

kbdgr

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 21KB - Virtual size: 21KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 3KB - Virtual size: 3KB