c0b810a64413486f6ce872c3e2d3914b1c06982e4fe7dd57bfbecf70df103045

Sharing

Copy URL Twitter E-mail

General

Target

c0b810a64413486f6ce872c3e2d3914b1c06982e4fe7dd57bfbecf70df103045
Size

132KB
MD5

bd619b0c216cfde42103a3adcb67d215
SHA1

51697d655da993de25464484d1a60d87a67e5280
SHA256

c0b810a64413486f6ce872c3e2d3914b1c06982e4fe7dd57bfbecf70df103045
SHA512

0a2cad0a402652e034c01736e783466c009d3a9967629ebe582a09704678244314e3a1e7378bd5c78db1af7eae7606243571a5827e96a4a6718d17801a710c06
SSDEEP

3072:ds7LMZXdc8hUGULMpyCwekmS1YnkxasKynnCXCEfXurK2bRCZLvqD:dsHMlRpyBmxnSnCXCrK4R8m

Score

N/A

Malware Config

Signatures

Files

c0b810a64413486f6ce872c3e2d3914b1c06982e4fe7dd57bfbecf70df103045
.exe windows x86

e48961060f2a472a42980b77a5d02881

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
CreateMailslotW
FindNextChangeNotification
GetCurrencyFormatA
GetVersion
lstrcpynA
GetCommModemStatus
VerifyVersionInfoW
UpdateResourceA
GetLocaleInfoW
PrivCopyFileExW
OpenWaitableTimerW
GetCurrentThread
GetWindowsDirectoryW
GetNumberFormatW
SetConsoleWindowInfo
GetWindowsDirectoryA
SetCurrentDirectoryW
BeginUpdateResourceA
GlobalFlags
FindResourceExA
GetModuleHandleW
LockResource
SetPriorityClass
VerifyVersionInfoA
ReleaseSemaphore
SetTermsrvAppInstallMode
QueryMemoryResourceNotification

userenv

RsopFileAccessCheck
LeaveCriticalPolicySection
GetProfileType
GetPreviousFgPolicyRefreshInfo
ForceSyncFgPolicy
DllRegisterServer
GetUserProfileDirectoryA
WaitForMachinePolicyForegroundProcessing
RefreshPolicyEx
RegisterGPNotification
GetAppliedGPOListA
GetDefaultUserProfileDirectoryW
FreeGPOListW
GetGPOListW
LoadUserProfileA
RefreshPolicy
GetProfilesDirectoryA
GetAllUsersProfileDirectoryW
GetUserProfileDirectoryW
ExpandEnvironmentStringsForUserA
DllUnregisterServer
UnregisterGPNotification
GetDefaultUserProfileDirectoryA
CreateEnvironmentBlock
GetAppliedGPOListW
WaitForUserPolicyForegroundProcessing

mapistub

HrQueryAllRows@24
MNLS_WideCharToMultiByte@32
SzFindLastCh@8
DllGetClassObject
ScLocalPathFromUNC@12
HrSzFromEntryID@12
ScUNCFromLocalPath@12
cmc_list
FPropContainsProp@12
UlPropSize@4
LAUNCHWIZARD
HrAddColumnsEx@20
FBadRowSet@4
LpValFindProp@12
DeinitMapiUtil@0
FixMAPI@0

msvcrt

iswcntrl
_wcsnicoll
__set_app_type
__getmainargs
_wfdopen
_strcmpi
memset
??_Gexception@@UAEPAXI@Z
_wcreat
strstr
_wcstoi64
_flushall
_get_osfhandle
_cwait
_mktemp
_isctype
exit
?_set_new_mode@@YAHH@Z
__p__commode
_flsbuf
localeconv
_outpd
_atoldbl
__wgetmainargs
_outp
_aligned_offset_malloc

kbdgr

KbdLayerDescriptor

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e48961060f2a472a42980b77a5d02881

Headers

File Characteristics

Imports

kernel32

userenv

mapistub

msvcrt

kbdgr

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 21KB - Virtual size: 21KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 3KB - Virtual size: 3KB