af72381e0c3ccd4017b5f1246f236fddfe5dee964cfa51c4ae44955d1e53857d

Sharing

Copy URL Twitter E-mail

General

Target

af72381e0c3ccd4017b5f1246f236fddfe5dee964cfa51c4ae44955d1e53857d
Size

132KB
MD5

ba2cd143245bd19d2665a43bfb71e1e2
SHA1

29b34759ded4d6219756850925cddc78333ce093
SHA256

af72381e0c3ccd4017b5f1246f236fddfe5dee964cfa51c4ae44955d1e53857d
SHA512

40f8bb30f317a9d53bcfe507f29270277387b73540a685a512774a70613c3067135d81b8c18ed1d4fef5cfdd1580deb2fdc2deaa1e19ec7cf706d80dbfa63b03
SSDEEP

3072:ds7LMZXdc8hUGULMpyCwekmS1YnkxasKynnCXCEfXurK2bRCZLvqm:dsHMlRpyBmxnSnCXCrK4R8X

Score

N/A

Malware Config

Signatures

Files

af72381e0c3ccd4017b5f1246f236fddfe5dee964cfa51c4ae44955d1e53857d
.exe windows x86

e48961060f2a472a42980b77a5d02881

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
CreateMailslotW
FindNextChangeNotification
GetCurrencyFormatA
GetVersion
lstrcpynA
GetCommModemStatus
VerifyVersionInfoW
UpdateResourceA
GetLocaleInfoW
PrivCopyFileExW
OpenWaitableTimerW
GetCurrentThread
GetWindowsDirectoryW
GetNumberFormatW
SetConsoleWindowInfo
GetWindowsDirectoryA
SetCurrentDirectoryW
BeginUpdateResourceA
GlobalFlags
FindResourceExA
GetModuleHandleW
LockResource
SetPriorityClass
VerifyVersionInfoA
ReleaseSemaphore
SetTermsrvAppInstallMode
QueryMemoryResourceNotification

userenv

RsopFileAccessCheck
LeaveCriticalPolicySection
GetProfileType
GetPreviousFgPolicyRefreshInfo
ForceSyncFgPolicy
DllRegisterServer
GetUserProfileDirectoryA
WaitForMachinePolicyForegroundProcessing
RefreshPolicyEx
RegisterGPNotification
GetAppliedGPOListA
GetDefaultUserProfileDirectoryW
FreeGPOListW
GetGPOListW
LoadUserProfileA
RefreshPolicy
GetProfilesDirectoryA
GetAllUsersProfileDirectoryW
GetUserProfileDirectoryW
ExpandEnvironmentStringsForUserA
DllUnregisterServer
UnregisterGPNotification
GetDefaultUserProfileDirectoryA
CreateEnvironmentBlock
GetAppliedGPOListW
WaitForUserPolicyForegroundProcessing

mapistub

HrQueryAllRows@24
MNLS_WideCharToMultiByte@32
SzFindLastCh@8
DllGetClassObject
ScLocalPathFromUNC@12
HrSzFromEntryID@12
ScUNCFromLocalPath@12
cmc_list
FPropContainsProp@12
UlPropSize@4
LAUNCHWIZARD
HrAddColumnsEx@20
FBadRowSet@4
LpValFindProp@12
DeinitMapiUtil@0
FixMAPI@0

msvcrt

iswcntrl
_wcsnicoll
__set_app_type
__getmainargs
_wfdopen
_strcmpi
memset
??_Gexception@@UAEPAXI@Z
_wcreat
strstr
_wcstoi64
_flushall
_get_osfhandle
_cwait
_mktemp
_isctype
exit
?_set_new_mode@@YAHH@Z
__p__commode
_flsbuf
localeconv
_outpd
_atoldbl
__wgetmainargs
_outp
_aligned_offset_malloc

kbdgr

KbdLayerDescriptor

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e48961060f2a472a42980b77a5d02881

Headers

File Characteristics

Imports

kernel32

userenv

mapistub

msvcrt

kbdgr

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 21KB - Virtual size: 21KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 3KB - Virtual size: 3KB