71c47bfb65c4e99b682fc608da3a082f7f27126fea67173d960b2c0ee789e0a5

Sharing

Copy URL Twitter E-mail

General

Target

71c47bfb65c4e99b682fc608da3a082f7f27126fea67173d960b2c0ee789e0a5
Size

826KB
MD5

6834dcde70ec85e708f969db50896f4e
SHA1

6f3e5b8eb1e5c830edcc94a8438ad043aa6f74e5
SHA256

71c47bfb65c4e99b682fc608da3a082f7f27126fea67173d960b2c0ee789e0a5
SHA512

3d9c35f09d927214fbddd7d17f142bb2373ef46212c7444b323af67124464045567eea609dad2c5393d477533623226acac32458c19ade125f6adc9f51faa8ea
SSDEEP

24576:QYjv4tnqqXjU6O4cwXAqKaGOx8S4fy5xAawbijT/m:Qi4tzlcwwZAdx15jT

Score

N/A

Malware Config

Signatures

Files

71c47bfb65c4e99b682fc608da3a082f7f27126fea67173d960b2c0ee789e0a5
.exe windows x86

569b14f347bf3525acd9164b49b98285

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cmpbk32

PhoneBookGetPhoneType
PhoneBookGetCountryNameW
PhoneBookFreeFilter
PhoneBookMergeChanges
PhoneBookUnload
PhoneBookParseInfoA
PhoneBookGetPhoneDispA
PhoneBookHasPhoneType
PhoneBookGetPhoneDUNA
PhoneBookGetPhoneCanonicalA
PhoneBookEnumCountries
PhoneBookGetRegionNameA
PhoneBookEnumNumbers
PhoneBookGetCountryId
PhoneBookLoad
PhoneBookGetCountryNameA
PhoneBookGetPhoneDescA
PhoneBookMatchFilter
PhoneBookEnumRegions
PhoneBookGetCurrentCountryId
PhoneBookGetPhoneNonCanonicalA
PhoneBookEnumNumbersWithRegionsZero
PhoneBookCopyFilter

odbctrac

TraceSQLGetConnectAttr
TraceSQLNumParams
TraceSQLAllocHandleStdW
TraceSQLPrepareW
TraceSQLPrimaryKeys
TraceSQLGetCursorNameW
TraceSQLNativeSqlW
TraceSQLProcedureColumns
TraceSQLAllocHandleStd
TraceSQLGetDescFieldW
TraceSQLErrorW
TraceSQLColumnPrivilegesW
TraceSQLTransact
TraceVSControl
TraceSQLRowCount
TraceSQLGetConnectAttrW
TraceSQLConnect
TraceSQLCloseCursor
TraceSQLTables
TraceSQLExecDirectW
TraceSQLAllocEnv
TraceSQLGetDescRecW
TraceSQLSpecialColumns
TraceSQLSetEnvAttr
TraceSQLColAttribute
TraceSQLSpecialColumnsW

esent

JetMove
JetSetLS
JetCloseFileInstance
JetSetColumnDefaultValue
JetGetCounter
JetRetrieveKey
JetInit@4
JetGetAttachInfoInstance
JetSnapshotStop
JetTerm@4
JetBeginTransaction

msoert2

IDrawText
MessageBoxInst
PszDupW
WriteStreamToFileW
HrStreamSeekBegin
HrCreatePhonebookEntry
HrBSTRToLPSZ
OpenFileStreamShare
HrStreamSeekSet
FIsEmptyW
HrFillRasCombo
strtrim
IUnknownList_CreateInstance
RicheditStreamIn
HrGetCertificateParam
ReplaceChars
HrCopyStreamCB

kernel32

SetFileApisToANSI
PrivMoveFileIdentityW
FreeConsole
CloseHandle
GetProcessAffinityMask
CreateToolhelp32Snapshot
GetLogicalDriveStringsW
CreateDirectoryExW
HeapCreate
IsWow64Process
LoadLibraryW
CommConfigDialogW
GetVolumeNameForVolumeMountPointA
GetOEMCP
DeleteFileW
RemoveDirectoryW

msvcirt

?allocate@streambuf@@IAEHXZ
??_Gstreambuf@@UAEPAXI@Z
??0ofstream@@QAE@XZ
??6ostream@@QAEAAV0@PBD@Z
??0fstream@@QAE@ABV0@@Z
??_Gexception@@UAEPAXI@Z
??_Difstream@@QAEXXZ
??_7ofstream@@6B@
??_7logic_error@@6B@
?freeze@strstreambuf@@QAEXH@Z
??1logic_error@@UAE@XZ
??0ostream_withassign@@QAE@XZ
?writepad@ostream@@AAEAAV1@PBD0@Z
?setmode@filebuf@@QAEHH@Z
??0Iostream_init@@QAE@AAVios@@H@Z
??1streambuf@@UAE@XZ
??0ostream@@IAE@ABV0@@Z
?sputbackc@streambuf@@QAEHD@Z
?x_curindex@ios@@0HA
??4Iostream_init@@QAEAAV0@ABV0@@Z

Sections

.text
Size: 372KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

569b14f347bf3525acd9164b49b98285

Headers

DLL Characteristics

File Characteristics

Imports

cmpbk32

odbctrac

esent

msoert2

kernel32

msvcirt

Sections

.text Size: 372KB - Virtual size: 372KB

.rdata Size: 145KB - Virtual size: 145KB

.data Size: 189KB - Virtual size: 1.5MB

.rsrc Size: 117KB - Virtual size: 117KB

.reloc Size: 1024B - Virtual size: 840B

.text
Size: 372KB - Virtual size: 372KB

.rdata
Size: 145KB - Virtual size: 145KB

.data
Size: 189KB - Virtual size: 1.5MB

.rsrc
Size: 117KB - Virtual size: 117KB

.reloc
Size: 1024B - Virtual size: 840B