566cb9e222ca3fcd9b2ad7c5d89bba85

Sharing

Copy URL

Twitter E-mail

General

Target

566cb9e222ca3fcd9b2ad7c5d89bba85
Size

1.1MB
MD5

566cb9e222ca3fcd9b2ad7c5d89bba85
SHA1

8cdb57b99431a3f55259bfb35a1e1d71e87cf929
SHA256

c258df69cb68bb260f3fa6b8daa245f6dbc4a68d9487c3884a68f812015ae5c3
SHA512

bc5d47e51f6d73fffc312f658479a7e0355d84c5c30d650200369b7fa5752c3e7176dfe9e1dc7d044040f14b866efa5af17dff7479c70c56eb11db7c14bcac1f
SSDEEP

24576:s8z5eaqocvMr/rWInEbdehtTgN9bM+qDqvOw0Tnvs0:n85KbubogNSPuWs0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
566cb9e222ca3fcd9b2ad7c5d89bba85

Files

566cb9e222ca3fcd9b2ad7c5d89bba85
.exe windows:3 windows x86 arch:x86

d6711ca07dabc95b18e98f4ca4aa70b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ShowWindow
EndPaint
GetMessageA
DefWindowProcA
DestroyWindow
TranslateMessage
BeginPaint
CreateWindowExA
RegisterClassA
UpdateWindow
SendMessageA
DispatchMessageA

kernel32

GetStringTypeExA
SetFilePointer
lstrcmpA
PeekNamedPipe
InterlockedExchange
SetEvent
HeapFree
GetVersion
GetCurrentProcess
CreateFileA
SetProcessPriorityBoost
GetLocalTime
GetThreadPriorityBoost
ConnectNamedPipe
InterlockedCompareExchange
HeapAlloc
FileTimeToSystemTime
GetLastError
ReadFileEx
CloseHandle
GetCurrentThread
OpenEventA
ReadFile
HeapReAlloc
WriteFileGather
VirtualFree
WaitForMultipleObjects
GetFileTime
GetNamedPipeInfo
VirtualAlloc
lstrlenA
CreateNamedPipeA
CreateEventA
DisconnectNamedPipe
ReadFileScatter
HeapLock
DeleteFileA
VerSetConditionMask
ExitProcess
lstrcatA
SetNamedPipeHandleState
GetEnvironmentStringsA
CompareStringA
FreeEnvironmentStringsA
HeapUnlock

odbc32

SQLBulkOperations
SQLProcedureColumnsA
SQLColAttribute
SQLRowCount
SQLTables
SQLPrepare
SQLSetStmtAttr
SQLGetFunctions
SQLColAttributeA
SQLColAttributesA
SQLColAttributes
SQLBindParam
SQLGetDiagField
SQLAllocHandleStd
SQLNativeSqlA
SQLSpecialColumnsA
SQLTablePrivileges
SQLCopyDesc
SQLErrorA
SQLAllocStmt
SQLFreeHandle
SQLAllocEnv
SQLDescribeCol
SQLNumResultCols
SQLGetCursorName
SQLStatistics
PostODBCComponentError
CollectODBCPerfData
SQLEndTran
SQLProcedureColumns
SQLDriversA
SQLColumnsA
SQLGetStmtOption
SQLSetConnectOptionA
SQLColumnPrivilegesA
SQLGetConnectAttrA
SQLConnect
GetODBCSharedData
SQLSetParam

Sections

.text
Size: 584KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 346KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 175KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6711ca07dabc95b18e98f4ca4aa70b8

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

odbc32

Sections

.text Size: 584KB - Virtual size: 584KB

.data Size: 346KB - Virtual size: 345KB

.rsrc Size: 175KB - Virtual size: 3.3MB

.text
Size: 584KB - Virtual size: 584KB

.data
Size: 346KB - Virtual size: 345KB

.rsrc
Size: 175KB - Virtual size: 3.3MB