33aebed9bb095ed77be2b4f0f599219d

General

Target

33aebed9bb095ed77be2b4f0f599219d
Size

11.1MB
MD5

33aebed9bb095ed77be2b4f0f599219d
SHA1

872273dca704dda4f82e0510b1ad33f057feeb37
SHA256

cde738f3c536d024b72af693a6ba98701ed7a7ba47ec4584362650fd285f0385
SHA512

1e18e6360bc70b1a7da76698991b5e522990b949e0a769187d16412ec4974463af0cf70e85caa0aa0a5905f2f9a2cfabd9570e4cf6056f5e8f63d9df82d5c091
SSDEEP

6144:C5i1XGPcHJtSV2leLhXNhY7C7knA8zGtoCsEBRY3prgDnBXQDtgd809UT6MU9ia8:JY5chN9u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33aebed9bb095ed77be2b4f0f599219d

Files

33aebed9bb095ed77be2b4f0f599219d
.exe windows:5 windows x86 arch:x86

4593cfb3e8e160e98644175536102bd6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

clbcatq

CoRegCleanup
DowngradeAPL
ComPlusMigrate

comsvcs

CoCreateActivity
CoLoadServices
CoEnterServiceDomain
RecycleSurrogate
SafeRef

user32

LoadMenuA
DrawStateW
ShowWindow
GetPropA
PostMessageA
LoadBitmapA
IsCharLowerA
CreateDesktopA
DispatchMessageA
DialogBoxParamW
wsprintfA
IsDialogMessageA
LoadIconA
PeekMessageW

odbctrac

TraceSQLFetch
TraceSQLConnect
TraceSQLCancel
TraceSQLError
TraceSQLBindCol

kernel32

MoveFileA
EnterCriticalSection
GetDateFormatA
ReadConsoleW
GetProcAddress
CreateSemaphoreW
WaitNamedPipeW
GetModuleHandleA
GetSystemDirectoryW
WaitForSingleObjectEx
DeleteFileA
GetCurrentThread
GetStartupInfoA
CreateMailslotW
SetErrorMode
lstrcmpi
MoveFileExA
CloseHandle
GetTempPathW
GetShortPathNameA
GetExpandedNameW
LoadLibraryW

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11.0MB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4593cfb3e8e160e98644175536102bd6

Headers

DLL Characteristics

File Characteristics

Imports

clbcatq

comsvcs

user32

odbctrac

kernel32

Sections

.text Size: 55KB - Virtual size: 55KB

.adata Size: 84KB - Virtual size: 83KB

.adata Size: 2KB - Virtual size: 2KB

.rsrc Size: 11.0MB - Virtual size: 2KB

.text
Size: 55KB - Virtual size: 55KB

.adata
Size: 84KB - Virtual size: 83KB

.adata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 11.0MB - Virtual size: 2KB