abb86c20ca68c598a6acc162feddcf20c8732be91b860ae17768f5aec6f5f065

Sharing

Copy URL Twitter E-mail

General

Target

abb86c20ca68c598a6acc162feddcf20c8732be91b860ae17768f5aec6f5f065
Size

494KB
MD5

6d66c6874e6292bf483565c62e3c832a
SHA1

3b09a3cb5808c717455c53a1af21dc7599fed347
SHA256

abb86c20ca68c598a6acc162feddcf20c8732be91b860ae17768f5aec6f5f065
SHA512

3afec6d07ceba508654e2ebccd18079fb4de01cd1ca4dee5e2e58bb5ba863ec6146f0abb6bc1846dc92274f30bc7939a399d83fc1ba3686abd4ca81c26a19d2f
SSDEEP

12288:0FOsqELTHU63kpH4gNeOacTVxBX3zy9c6Xy:GqEcpeOaQOuSy

Score

N/A

Malware Config

Signatures

Files

abb86c20ca68c598a6acc162feddcf20c8732be91b860ae17768f5aec6f5f065
.exe windows x86

e55ff1df89baf35f6e13913208a7b29b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

esent

JetDeleteIndex
JetEnumerateColumns
JetOpenFileInstance
JetRetrieveColumn@32
JetRetrieveColumns
JetOpenTempTable
JetUnregisterCallback
JetAddColumn
JetSetTableSequential
JetExternalRestore2
JetRegisterCallback
JetSetColumnDefaultValue
JetGetCursorInfo
JetRenameTable
JetDefragment
JetBeginSession
JetGetTableInfo

cmpbk32

PhoneBookGetPhoneDispA
PhoneBookParseInfoA
PhoneBookLoad
PhoneBookGetCountryNameW
PhoneBookHasPhoneType
PhoneBookGetRegionNameA
PhoneBookEnumRegions
PhoneBookGetPhoneDescA
PhoneBookMatchFilter
PhoneBookEnumNumbers
PhoneBookUnload
PhoneBookGetCountryNameA
PhoneBookMergeChanges
PhoneBookGetPhoneType
PhoneBookCopyFilter

kernel32

GetFileType
WriteConsoleW
GetStartupInfoW
GetLastError
lstrcatA
LocalAlloc
DnsHostnameToComputerNameW
GetSystemWow64DirectoryW
GetThreadSelectorEntry
LoadLibraryA
GetExitCodeThread
GetSystemTimeAsFileTime
OpenFileMappingA

oleaut32

VarCyFromI2
VarR4FromI4
VarUI8FromUI2
VarR8FromI4
SafeArrayLock
VarSub
VarUI8FromR4
VarI8FromI2
SafeArrayGetLBound
VarUI1FromUI8
BSTR_UserUnmarshal
VarUI2FromDec
VarBstrCmp
VarBoolFromI1
VarDateFromUdate

msvcrt

memmove
wcscoll
__set_app_type
wcsxfrm
_spawnvp
__getmainargs
_wsopen
_ismbbkprint
_utime64
__unguarded_readlc_active
_CIpow
_endthreadex
_sys_nerr
_lseeki64
_ismbclegal
??_Gbad_cast@@UAEPAXI@Z
_adj_fprem
__p__commode
_local_unwind2
exit

user32

EndDialog

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e55ff1df89baf35f6e13913208a7b29b

Headers

File Characteristics

Imports

esent

cmpbk32

kernel32

oleaut32

msvcrt

user32

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 160KB - Virtual size: 160KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 111KB - Virtual size: 111KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 160KB - Virtual size: 160KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 111KB - Virtual size: 111KB