6d78e935ce68a132e52d425c99527959dc38e0e48563787bf80fa9ec95b46e1e

General

Target

6d78e935ce68a132e52d425c99527959dc38e0e48563787bf80fa9ec95b46e1e
Size

72KB
MD5

858a2b5dd5599a3b4faf8258c472f51d
SHA1

bfb7299a9391aabaf353281702e07d084f6cef48
SHA256

6d78e935ce68a132e52d425c99527959dc38e0e48563787bf80fa9ec95b46e1e
SHA512

389e2706747f83d8392404e7a35fdf261014f10249441eb8c5f1449850d046c19a1db747b6d45dec596c23346353972e6304c7577096c66bb054749ded559a05
SSDEEP

768:iT92JMvCqIepgmKSXcDBDXYNdmXmTGzI2ZMLGVvFcFyR/OLeX106oSNVEKr+dS26:iT9frFoDYNwXOkIt+SsueXfVGu3Up6v

Score

N/A

Malware Config

Signatures

Files

6d78e935ce68a132e52d425c99527959dc38e0e48563787bf80fa9ec95b46e1e
.exe windows x86

d2497cc86527a8b8f9a0dd099647ba60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dbnmpntw

ConnectionWrite
ConnectionVer
ConnectionClose
ConnectionRead

cryptdll

CDBuildVect
CDLocateRng
MD5Update
MD5Final
MD5Init

cmpbk32

PhoneBookFreeFilter
PhoneBookLoad
PhoneBookEnumCountries
PhoneBookEnumNumbers

kernel32

GetProcessHeap
GetDateFormatA
GetLastError
CreateMutexA
lstrcpynW
DeviceIoControl
OpenMutexW
GetTickCount
ReplaceFileW
SetEnvironmentVariableW
GetFileSize
GetSystemTime
GetProcAddress
GetCurrentDirectoryW
HeapAlloc
GetModuleHandleA
ReadFile
CreateWaitableTimerA
FindFirstFileW
DeleteFileA
GetLogicalDriveStringsA
CreateSemaphoreW
CreateDirectoryA
GetStartupInfoA
SearchPathA
GetShortPathNameA
WriteConsoleW
FormatMessageA
lstrcmpA
InitializeCriticalSection
WaitForSingleObjectEx
CompareStringA
GetLocalTime
GetLocaleInfoW

user32

LoadStringA
PostMessageW
DrawIcon
IsDialogMessageA
PeekMessageW
LoadImageA
DispatchMessageW
wsprintfW
DefDlgProcA
DrawTextA
CharToOemA
LoadCursorW
GetKeyNameTextA
IsCharUpperA
FindWindowA
GetClassInfoA
GetMessageA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2497cc86527a8b8f9a0dd099647ba60

Headers

File Characteristics

Imports

dbnmpntw

cryptdll

cmpbk32

kernel32

user32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 24KB - Virtual size: 20KB