54f48c849d47325f13d70bb4af2b9905b80606c4eadbef25aa34821723db3cc2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54f48c849d47325f13d70bb4af2b9905b80606c4eadbef25aa34821723db3cc2
Size

212KB
MD5

2cbb5c61e50281f3becd3938595912a5
SHA1

5a3b79b4cdfe0e88b7f4066a757c4e1d305594e5
SHA256

54f48c849d47325f13d70bb4af2b9905b80606c4eadbef25aa34821723db3cc2
SHA512

9b71563c6fb83ff6db3eb10c8fec4fbc44c6c1884dff0b23e9a399e3315da2cc3142766a8bb219ff50cf439613b044ad1e575568a0fa516806923cb7ecbf86bc
SSDEEP

3072:xaYmUpl26gnz5oQiWGbeq3xeqllGSWa3z:0s26yineGeqHGha

Score

N/A

Malware Config

Signatures

Files

54f48c849d47325f13d70bb4af2b9905b80606c4eadbef25aa34821723db3cc2
.exe windows x86

1d13bdde37049e0f84f20fdb72b9dbbb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

sqllib18

sqlcxt
sqlbuft

kernel32

WriteFile
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
GetLastError
GetFileAttributesA
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetEnvironmentVariableA
HeapReAlloc
MultiByteToWideChar
HeapAlloc
SetFilePointer
CloseHandle
CreateFileA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
FlushFileBuffers
LoadLibraryA
GetStringTypeA
GetStringTypeW
ReadFile
LCMapStringA
LCMapStringW
SetStdHandle
SetEndOfFile
CompareStringA
CompareStringW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE