61e8e3eaf0cd8f5b2d17844fb1e217f613dc03ef9c6fd913b2cfdf1dcff6e307

Sharing

Copy URL Twitter E-mail

General

Target

61e8e3eaf0cd8f5b2d17844fb1e217f613dc03ef9c6fd913b2cfdf1dcff6e307
Size

837KB
MD5

2ea7e7aa635e852ecb9c8cc553367ceb
SHA1

5053f9a7ee954b48f2c8fe6a8db408fbb3be4641
SHA256

61e8e3eaf0cd8f5b2d17844fb1e217f613dc03ef9c6fd913b2cfdf1dcff6e307
SHA512

aab23ef0d9d59d19e9d37bf3b15dd2149e38660034118d48ee4bb3f3391fe5ec6e00be406b58e81e9892a42086840b4835a09c4af9f0b2448911775145a9f0c9
SSDEEP

24576:0kHpKyTHd8lyW9IOcs3BgvSHRVQGt9IgXBG/Pr:hHpKagWOCS59IGA7

Score

N/A

Malware Config

Signatures

Files

61e8e3eaf0cd8f5b2d17844fb1e217f613dc03ef9c6fd913b2cfdf1dcff6e307
.exe windows x86

3b461477ed69817249eb141bb4305466

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cmpbk32

PhoneBookMergeChanges
PhoneBookGetCountryId
PhoneBookGetPhoneType
PhoneBookParseInfoA
PhoneBookGetCurrentCountryId
PhoneBookHasPhoneType
PhoneBookEnumNumbers
PhoneBookLoad
PhoneBookGetPhoneDescA
PhoneBookGetCountryNameW
PhoneBookGetPhoneDispA
PhoneBookGetCountryNameA
PhoneBookEnumNumbersWithRegionsZero

odbctrac

TraceSQLGetDescRec
TraceSQLSetConnectAttrW
TraceSQLFetchScroll
TraceSQLDriverConnect
TraceSQLFreeStmt
TraceSQLAllocConnect
TraceSQLExecute
TraceSQLSetParam
TraceSQLGetDescRecW
TraceSQLColAttributesW
TraceSQLSetConnectAttr

esent

JetGetLogInfoInstance2
JetAttachDatabase
JetSetColumns
JetCompact
JetGetAttachInfoInstance
JetRetrieveKey
JetBeginExternalBackup
JetDupCursor
JetSetCurrentIndex4
JetCommitTransaction@8
JetEnumerateColumns
JetCloseDatabase
JetSetCurrentIndex
JetRetrieveColumn@32
JetResetTableSequential
JetDefragment2
JetGetColumnInfo
JetGetLogInfo
JetCreateTableColumnIndex2
ese
JetDeleteColumn
JetCloseTable@8
JetCreateInstance
JetEndSession
JetEndSession@8
JetGetLS
JetDefragment

kernel32

GetSystemDirectoryA
IsDBCSLeadByte
LoadLibraryW
InitializeCriticalSection
LZSeek
GetUserDefaultLCID
SetFilePointer
WriteTapemark
FindResourceW
GetTickCount
GetDefaultCommConfigA
lstrcpynA
OpenSemaphoreA
GetExitCodeThread
GetCommandLineW
CreateSemaphoreA
WTSGetActiveConsoleSessionId
SetHandleInformation
LocalSize
DebugActiveProcess
VerifyVersionInfoW
GetNextVDMCommand
GetCalendarInfoA
GetSystemDirectoryW
SetUserGeoID
EnumResourceLanguagesW
GetProcessHeap

shlwapi

SHDeleteValueA
PathRemoveFileSpecA
UrlGetPartA
PathAddExtensionW
PathCommonPrefixW
StrDupW
PathFindNextComponentW
PathIsUNCServerA
UrlCombineA
ChrCmpIA
DllGetVersion
StrCmpNIA
AssocQueryStringByKeyW
PathRemoveBlanksA
UrlGetLocationW
StrCmpIW
UrlCombineW
UrlCreateFromPathW
PathIsUNCW
HashData
PathUnExpandEnvStringsW
SHGetThreadRef
StrFormatKBSizeW

ifsutil

?QueryCanonicalNtDriveName@IFS_SYSTEM@@SGEPBVWSTRING@@PAV2@@Z
?RemoveEdge@DIGRAPH@@QAEEKK@Z
?Initialize@MOUNT_POINT_MAP@@QAEEXZ
?AddVolumeName@MOUNT_POINT_MAP@@QAEEPAVWSTRING@@0@Z
?AddNext@NUMBER_SET@@QAEEVBIG_INT@@@Z
?SetVolumeLabelAndPrintFormatReport@VOL_LIODPDRV@@QAEEPBVWSTRING@@PAVMESSAGE@@@Z
?IsATformat@DP_DRIVE@@QBEEXZ
?Add@NUMBER_SET@@QAEEVBIG_INT@@0@Z
?CheckAndRemove@SPARSE_SET@@QAEEVBIG_INT@@PAE@Z
?DeleteEntry@AUTOREG@@SGEPBVWSTRING@@0@Z
?QueryNumber@NUMBER_SET@@QBE?AVBIG_INT@@V2@@Z
?IsEntryPresent@AUTOREG@@SGEPBVWSTRING@@@Z
??0SUPERAREA@@IAE@XZ

Sections

.text
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b461477ed69817249eb141bb4305466

Headers

DLL Characteristics

File Characteristics

Imports

cmpbk32

odbctrac

esent

kernel32

shlwapi

ifsutil

Sections

.text Size: 370KB - Virtual size: 370KB

.rdata Size: 152KB - Virtual size: 151KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 155KB - Virtual size: 154KB

.reloc Size: 1024B - Virtual size: 976B

.text
Size: 370KB - Virtual size: 370KB

.rdata
Size: 152KB - Virtual size: 151KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 155KB - Virtual size: 154KB

.reloc
Size: 1024B - Virtual size: 976B