a6f02673bc70d79a808010f387b0cc18b7e1b98ce25c7dadebd4e6afb07e11cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6f02673bc70d79a808010f387b0cc18b7e1b98ce25c7dadebd4e6afb07e11cf
Size

497KB
MD5

3bc1f80cf32b639132b778fcbb89ce40
SHA1

caa05120eecc0e5dc4f25a03965dd235ebbf6928
SHA256

a6f02673bc70d79a808010f387b0cc18b7e1b98ce25c7dadebd4e6afb07e11cf
SHA512

41acaced53e20c069f7a611a0d8c97de9a39101c30453beb757e0d63bdbda6da6d242b00bdafdeebe9b006a4560937439ed330a175dcfc1a123a35cf0bfb147a
SSDEEP

12288:asWIU4UzpDJLbArJuEz+Wj9aiMmvXLYLbZyz:a7z2daN7Y7+4

Score

N/A

Malware Config

Signatures

Files

a6f02673bc70d79a808010f387b0cc18b7e1b98ce25c7dadebd4e6afb07e11cf
.exe windows x86

99380cc73c60dcb1b2ac1c2326720a49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryTypeW
lstrcmpiA
CreateWaitableTimerW
SetLastError
lstrcmpiA
GetProcessHeap
TlsFree
GetStdHandle
lstrlenA
GetLogicalDrives
GetExitCodeProcess
lstrcmpiA
Sleep
GetPrivateProfileStringW
IsValidCodePage
EndUpdateResourceW
lstrcmpiA
lstrcmpiA
CreateNamedPipeA
HeapCreate
GetDriveTypeA
GetModuleHandleA
FileTimeToLocalFileTime

odbctrac

TraceSQLCancel
TraceSQLError
TraceVersion
TraceSQLConnect

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 490KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 1024B - Virtual size: 631B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE