5107527b3990e2913da4a043285c54f561e575d4a2a09dab25850d4d38fb1ff3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5107527b3990e2913da4a043285c54f561e575d4a2a09dab25850d4d38fb1ff3
Size

812KB
MD5

6fb0a642249fbe44eee46fc0869178f6
SHA1

751221d4473cb0a503e530de331a04bee2d56d14
SHA256

5107527b3990e2913da4a043285c54f561e575d4a2a09dab25850d4d38fb1ff3
SHA512

a1744d53e04b3d83444c435dd2424c2319488171c1a409f1d1d3452db18f8e1d3b9de3aa76d3e17815d0ef84c9c95c06d0486c9c490bc7dd0573fbc1ccce6933
SSDEEP

12288:P/tDH1PGJyVIfiXXwDEOia99vPjpUKbgeNhvNMMlsKN1zlKCJtrFGzuVa2M3Omrt:dDZVI6XXXd6SKbHt4CJtrFynOmB

Score

N/A

Malware Config

Signatures

Files

5107527b3990e2913da4a043285c54f561e575d4a2a09dab25850d4d38fb1ff3
.exe windows x86

ac081e9c60cc13fa6c5e335b564bbc7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLogicalDrives
OpenMutexW
lstrcpyW
SetCurrentDirectoryW
GetFileAttributesA
GetLogicalDriveStringsW
LoadLibraryA
GetLogicalDrives
CreateEventA
GetStdHandle
GetStringTypeA
GetLogicalDrives
GetLogicalDrives
GetLogicalDrives
GetVersion
VirtualProtect

sqlsrv32

SQLFetch
SQLBindCol
SQLDisconnect
SQLCancel

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 802KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE