75cb80a0244999361cd939745f1f302f73b9c2e1771de8c23e6dba3a031085c1

Sharing

Copy URL Twitter E-mail

General

Target

75cb80a0244999361cd939745f1f302f73b9c2e1771de8c23e6dba3a031085c1
Size

116KB
MD5

105b619e6b422f008031c1e0c5cb632d
SHA1

442b928765f90d17eda7ecbccf065a4ff78e92d5
SHA256

75cb80a0244999361cd939745f1f302f73b9c2e1771de8c23e6dba3a031085c1
SHA512

d47c80c85a6244ef5dde7e6cff53cb00b8386f2ba6571a5ee00f649d23e144b2601f64d7d553f507199ee43138f30dfb7f4b37e9557f125139664f67e481a4a0
SSDEEP

1536:09zFOLGXi0mVoMYL4vUkIrDOzTE0u4UL0myNDkPUoYGFUWJ4nP9jwbBhi+oDp:cOwmoMZvqfOznntZAUo9UWJ4nP9j2YD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75cb80a0244999361cd939745f1f302f73b9c2e1771de8c23e6dba3a031085c1

Files

75cb80a0244999361cd939745f1f302f73b9c2e1771de8c23e6dba3a031085c1
.exe windows x86

9838f0022dd9e11901773cf7d15ad3b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetPrivateProfileIntW
MultiByteToWideChar
lstrlenW
GetCommandLineW
FlushFileBuffers
CloseHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
SetConsoleCtrlHandler
ReadFile
SetEndOfFile
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetProcAddress
GetOEMCP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CreateFileW
SetStdHandle
LCMapStringW
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
GetLastError
WideCharToMultiByte
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
GetACP
IsBadWritePtr
LCMapStringA
FreeEnvironmentStringsW
WriteFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
IsValidCodePage
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
IsValidLocale
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetFilePointer

user32

LoadStringW

shell32

CommandLineToArgvW

odbc32

ord119
ord72
ord12
ord3
ord111
ord4
ord13
ord16
ord110
ord2
ord1
ord15
ord150
ord107
ord14
ord139

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bjdaucu
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9838f0022dd9e11901773cf7d15ad3b9

Headers

File Characteristics

Imports

kernel32

user32

shell32

odbc32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 32KB - Virtual size: 32KB

bjdaucu Size: - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 32KB - Virtual size: 32KB

bjdaucu
Size: - Virtual size: 4KB