581bd3ca62284e4ed26bde4dc6524e427e198c6cf6d7115ff276f1ffabbe6bc3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

581bd3ca62284e4ed26bde4dc6524e427e198c6cf6d7115ff276f1ffabbe6bc3
Size

498KB
MD5

ef0c28e9198653765f50bbdf7abbcaac
SHA1

888b94bbfbf440e3bca17ee13a7bb655a415cd49
SHA256

581bd3ca62284e4ed26bde4dc6524e427e198c6cf6d7115ff276f1ffabbe6bc3
SHA512

7828c21cfa1e015588436ffa6a8358652ea358a95d769abd1af69ab2b8a5f9ae3f95ab286e36f7e9215c8aa8f8b9836394d36137723b10005a6a422dd97b2d6c
SSDEEP

12288:hWIU4UzpDJLbArJuEz+Wj9aiMmvXLYLbZyz:kz2daN7Y7+4

Score

N/A

Malware Config

Signatures

Files

581bd3ca62284e4ed26bde4dc6524e427e198c6cf6d7115ff276f1ffabbe6bc3
.exe windows x86

e2d278e5b1f3f3d10bb4956a53c12613

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryTypeW
lstrcmpiA
GetExitCodeProcess
IsValidCodePage
FileTimeToLocalFileTime
lstrcmpiA
lstrcmpiA
lstrlenA
GetStdHandle
CreateNamedPipeA
GetModuleFileNameA
GetDriveTypeA
SetLastError
CreateWaitableTimerW
SuspendThread
Sleep
lstrcmpiA
lstrcmpiA
GetLogicalDrives
GetModuleHandleA
EndUpdateResourceW
HeapCreate
GetProcessHeap

odbctrac

TraceSQLConnect
TraceVersion
TraceSQLCancel
TraceSQLError

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 490KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xml
Size: 1024B - Virtual size: 631B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE