1ce525045ad7043ed4e6eccccefcec6d

Sharing

Copy URL Twitter E-mail

General

Target

1ce525045ad7043ed4e6eccccefcec6d
Size

142KB
MD5

1ce525045ad7043ed4e6eccccefcec6d
SHA1

9819259e607c63adfb0e7e46dd0845c8970a2281
SHA256

50c461dbfc0beb8d798e7af2be912a77ef28e927c9624d51137eb732463b3e90
SHA512

adcd3d52323510cb58f99f3cbc100a5af57deb617f7dbdf407bccf8c3a697e05fac93a775502000d45a1c6ac1ff9d3bcbc5fb4b6e0230ebdeabf08b47ba8f5d7
SSDEEP

3072:39o58F0zY0+cn8kAvtqDO5VSMytmV2Y+j7x/l+njKENwLol1z98:O80cFNHki5awV2Y+BUn+Emobp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ce525045ad7043ed4e6eccccefcec6d

Files

1ce525045ad7043ed4e6eccccefcec6d
.exe windows:5 windows x86 arch:x86

8dabc26d0cd9071eda4474c87f69039c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
WritePrivateProfileStringW
GetSystemDirectoryA
GetLocaleInfoW
WriteFileEx
CreateDirectoryExA
FreeLibrary
GetVolumePathNameA
BaseCleanupAppcompatCacheSupport
GetCommandLineA
GetEnvironmentStringsW
GlobalGetAtomNameW
DeleteFiber
IsDBCSLeadByteEx
SetConsolePalette
VirtualAlloc
GlobalUnWire
ExitProcess
SetDefaultCommConfigW
IsBadStringPtrA
GlobalFindAtomW
GetSystemDefaultUILanguage
CreateActCtxW
Beep

msvcrt

_wstati64
swprintf
_findnext
iswupper
_wtempnam
realloc
_cgets
__RTCastToVoid
_setsystime
__unDNameEx
_strtime
__pctype_func
_mbsnbset
_CItan
_lfind
wctomb
_ismbclower
signal
__setlc_active

pdh

PdhGetDefaultPerfCounterW
PdhGetDataSourceTimeRangeA
PdhOpenQueryH
PdhCreateSQLTablesA
PdhEnumMachinesW
PdhGetRawCounterArrayA
PdhOpenLogA
PdhGetDllVersion
PdhGetDefaultPerfObjectW
PdhGetLogSetGUID
PdhExpandCounterPathA
PdhEnumObjectsW
PdhVbGetLogFileSize
PdhGetCounterTimeBase
PdhConnectMachineW
PdhVbOpenQuery
PdhGetLogFileTypeA

odbc32

SQLGetFunctions
SQLForeignKeys
SQLSetConnectOptionW
SQLDriverConnectW
SQLRowCount
SQLNumParams
SQLGetTypeInfo
SQLExtendedFetch
SQLConnectW
SQLTables
SQLFreeHandle
CloseODBCPerfData
SQLDescribeColA
SQLGetDescRec
SQLMoreResults

odbccr32

SQLGetDescRec
SQLParamOptions
SQLNativeSql
SQLSetConnectAttr
SQLSetScrollOptions
SQLBindCol
SQLTransact
SQLSetConnectOption
SQLSetStmtOption
SQLGetInfo
SQLPutData
SQLGetDescField
SQLBulkOperations
SQLCloseCursor
SQLExtendedFetch
SQLGetStmtAttr
SQLFetchScroll
SQLBindParameter
SQLRowCount
SQLCancel
SQLSetPos

msasn1

ASN1intx_uoctets
ASN1_CloseEncoder
ASN1CEREncBeginBlk
ASN1BERDecS32Val
ASN1intx_add
ASN1_CloseEncoder2
ASN1_CreateModule
ASN1BERDecZeroCharString
ASN1BERDecDouble
ASN1CEREncCharString
ASN1BEREncExplicitTag
ASN1objectidentifier_cmp
ASN1BERDecZeroMultibyteString
ASN1BERDecExplicitTag
ASN1_SetDecoderOption
ASN1BERDecEndOfContents
ASN1BERDecBitString
ASN1_CloseDecoder
ASN1_SetEncoderOption
ASN1bitstring_free
ASN1char16string_free
ASN1BERDecU32Val
ASN1CEREncZeroMultibyteString

user32

DefWindowProcA
RegisterClassA
PostQuitMessage

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dabc26d0cd9071eda4474c87f69039c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

pdh

odbc32

odbccr32

msasn1

user32

Sections

.text Size: 134KB - Virtual size: 133KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1KB - Virtual size: 150KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 448B

.text
Size: 134KB - Virtual size: 133KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 150KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 448B