1c22b62edc7655adf004de9664b3a843

General

Target

1c22b62edc7655adf004de9664b3a843
Size

20KB
MD5

1c22b62edc7655adf004de9664b3a843
SHA1

83138ad97e916f7e1efdc36ad14b561a31fba5ed
SHA256

e93473a23039522ce9c0b01453b809495c0ab354d4ad61e634b493955ceaac28
SHA512

90d9cf71238e2d2fe52f6a4f5d7a6b73e52fb9f800ac734066a33a89880ca469f7e05db36dde010baf868b33df832822ca1f3a9ab24be83b770a5300d3762fe1
SSDEEP

96:juVDP+FZJnIkUrnVeDepaPn/oHCEQB42OeJ9/PtboynVV//LyP4W4B4pWZl:KGc7n4ipRi7B42rxP1oynVVPW4B4pWv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c22b62edc7655adf004de9664b3a843

Files

1c22b62edc7655adf004de9664b3a843
.exe windows:4 windows x86 arch:x86

0f445ad3c7683eaa2b932a9c3d8d6db1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

sqlunirl

_GetUnicodeRedirectionLayer@0

sqlresld

SQLUILoadResourceDLL

kernel32

GetStartupInfoA
MultiByteToWideChar
GetModuleHandleA
GetUserDefaultLCID

advapi32

RegOpenKeyExW
RegQueryValueExW
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

msvcrt

__getmainargs
__set_app_type
strcat
_stricmp
strcpy
wcscat
_wcsicmp
wcscpy
_exit
_XcptFilter
exit
_acmdln
_onexit
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_except_handler3
_controlfp
__dllonexit

ole32

CoCreateInstance
CoInitialize
CoUninitialize

semsfc

?SetMainHelpCollection@SHelp@@QAEXPBG0@Z
?FreeLib@SHelp@@QAEXXZ
?SGetWindowsPlatform@@YAIXZ
?GetApp@SApplication@@SAPAV1@XZ
?SetMainHelpFile@SHelp@@QAEXPBG0@Z

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qnk
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0f445ad3c7683eaa2b932a9c3d8d6db1

Headers

File Characteristics

Imports

sqlunirl

sqlresld

kernel32

advapi32

msvcrt

ole32

semsfc

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 364B

.rsrc Size: 4KB - Virtual size: 1KB

.qnk Size: - Virtual size: 1B

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 364B

.rsrc
Size: 4KB - Virtual size: 1KB

.qnk
Size: - Virtual size: 1B