3f1577d19d858f059e4e4c6848faacfa

General

Target

3f1577d19d858f059e4e4c6848faacfa
Size

39KB
MD5

3f1577d19d858f059e4e4c6848faacfa
SHA1

22b3b2e324454bfeca301d4d86600443e26944e3
SHA256

8f7363d6eacd385ba6c1a426a97cf8cec23a6fcef4a9d4dd47d3c13f2249de10
SHA512

947debfa8458a84c64403840bb18866ce5766631cd5630cfaad13754a26f0973db31c3fdf6695c6e63f959cbea0ac0804c7569288de467c784ca35094100b02d
SSDEEP

768:QTBe3VKNQxK0Ptzw/Q1B8ygiEogi6+DHp6OhxYmkVpW/mmnRqDI/eMy:+e9xLw/6BuLwjp6uxFkVpW/VRuImL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f1577d19d858f059e4e4c6848faacfa

Files

3f1577d19d858f059e4e4c6848faacfa
.exe windows:8 windows x86 arch:x86

0356e54907fb504a4c606d15fc92694e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

QueryDepthSList
VirtualAlloc
FileTimeToLocalFileTime
GetVersion
GetSystemTime
FreeEnvironmentStringsA
GetProcessAffinityMask
ExitProcess
HeapAlloc
lstrcpyA
HeapCreate
HeapDestroy
HeapFree
GetSystemTimeAdjustment
GetNamedPipeInfo
GetFirmwareEnvironmentVariableA
CreateFileA
InterlockedPushEntrySList
InterlockedPopEntrySList
GetFileTime
lstrlenA
HeapSize
ReadFile
CloseHandle
ConnectNamedPipe
GetSystemInfo
SwitchToThread
CreateNamedPipeA
GetEnvironmentVariableA
VirtualFree
GetEnvironmentStringsA
SetFilePointer
WaitForMultipleObjects

odbc32

SQLAllocConnect
OpenODBCPerfData
SQLParamOptions
SQLGetDiagRec
SQLExecDirectA
SQLErrorA
CollectODBCPerfData
SQLNativeSql
SQLColAttributeA
SQLGetData
SQLSetParam
SQLColAttribute
SQLGetDiagFieldA
SQLEndTran
SQLColumnPrivileges
SQLSetConnectOption
SQLNumResultCols
SQLCloseCursor
SQLForeignKeys
SQLSetScrollOptions
SQLGetDescField
SQLFreeHandle
SQLTablePrivilegesA
SQLCancel
SQLSetConnectAttrA
SQLGetTypeInfo
SQLPrimaryKeysA
SQLGetDescRec
SQLStatisticsA
SQLDriverConnect
SQLConnectA
SQLRowCount
CloseODBCPerfData

user32

DestroyWindow
EndPaint
TranslateMessage
DispatchMessageA
RegisterClassA
BeginPaint
CreateWindowExA
SendMessageA
UpdateWindow
ShowWindow
GetMessageA
DefWindowProcA

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0356e54907fb504a4c606d15fc92694e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

odbc32

user32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 5KB - Virtual size: 16KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 5KB - Virtual size: 16KB