63198be03d7d6947a72caa94a677849a93d40bf31ffb0ab3e1a144075f8afa90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63198be03d7d6947a72caa94a677849a93d40bf31ffb0ab3e1a144075f8afa90
Size

57KB
MD5

b5aeb89f7385fc254a7f84cb4e76e6bf
SHA1

354ee83893dbb0a2e2bcdf61a3cbe278b2aa7a30
SHA256

63198be03d7d6947a72caa94a677849a93d40bf31ffb0ab3e1a144075f8afa90
SHA512

f316ac59a826e80e98dfc840b1dfc4ca02ffd480c9c9a65a161f3a6db11bf525327db366ff5dc9cacc5fb12595ece40a944f8cdb8afdae0afbad6fc72b73617a
SSDEEP

1536:qMRXl6rcMieoHdMoEPACeDYickKQgHm+Jf6gUH1QZ6:qMRXEiZyoE4oisG+EVQ

Score

N/A

Malware Config

Signatures

Files

63198be03d7d6947a72caa94a677849a93d40bf31ffb0ab3e1a144075f8afa90
.exe windows x86

21fad4446d059bd3c376e0e21a59bd98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
SuspendThread
EndUpdateResourceW
lstrcmpiA
Sleep
CreateWaitableTimerW
GetBinaryTypeW
FileTimeToLocalFileTime
GetLogicalDrives
SetLastError
CreateNamedPipeA
HeapCreate
GetStdHandle
lstrlenA
lstrcmpiA
lstrcmpiA
GetDriveTypeA
IsValidCodePage
GetModuleHandleA
GetProcessHeap
lstrcmpiA
GetExitCodeProcess
lstrcmpiA

odbctrac

TraceSQLError
TraceSQLConnect
TraceVersion
TraceSQLCancel

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xml
Size: 1024B - Virtual size: 631B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE