22e95da4d685cf7a8ca80be82b1a587da1094047cb200da81a61b44d515b6a16 | Triage

Sharing

General

Target

22e95da4d685cf7a8ca80be82b1a587da1094047cb200da81a61b44d515b6a16
Size

10.7MB
MD5

b68d1d16e51e6c79017a2374d6b072fb
SHA1

ed811cfa8711a4e34b37eac3e10d3530def45ff4
SHA256

22e95da4d685cf7a8ca80be82b1a587da1094047cb200da81a61b44d515b6a16
SHA512

5a3f7acb9cd3bb29f588dcc524a048a9f9bb8cb553ff86044e8c2d682ceb541806a4b2d85818f09c5292de26b05063b77426cf5ac41824d2718ec64d56c686e8
SSDEEP

24576:xeOeLIO66666666666666666666666666666666666666666666666666666666n:Ze

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22e95da4d685cf7a8ca80be82b1a587da1094047cb200da81a61b44d515b6a16

Files

22e95da4d685cf7a8ca80be82b1a587da1094047cb200da81a61b44d515b6a16
.exe windows:5 windows x86

6fb056b44c3e703eaf84b188fbd4f4ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CloseHandle
VirtualAllocEx
DeleteFileA
GetModuleHandleA
CreateEventW
GetSystemTime
GetCurrentDirectoryW
CreateMutexA
LoadLibraryExA
MapViewOfFile
GetCurrentThreadId
OpenJobObjectA
GetShortPathNameA
MoveFileExA
Sleep
OpenMutexW
TerminateThread
CreateFileW
RemoveDirectoryA

clusapi

ClusterEnum
ClusterControl
CloseCluster

odbctrac

TraceSQLConnect
TraceSQLCancel
TraceSQLFetch
TraceSQLBindCol

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 824B

IMAGE_SCN_MEM_READ

Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_MEM_READ

Size: 10.6MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ