45f3a26333027fbe478b55aabd54d6fc

Sharing

Copy URL

Twitter E-mail

General

Target

45f3a26333027fbe478b55aabd54d6fc
Size

42KB
MD5

45f3a26333027fbe478b55aabd54d6fc
SHA1

7ce70ac52d1041031fd2f6a822a65e0659d2fa37
SHA256

53d7e68aebc62dc50fd00e44a7f143a2e33c63dd28b6b81acfd6a1def645bd2e
SHA512

1dac539472f61e6cbbb0af7d25119a6f5510a51096478a4fbc074e81e716fdca653ce3f41dfc9966ceb926b346b42fd99d04f1c936df22bb5c05f366ba7fa9f5
SSDEEP

768:aj+sqMJpcr1j/bPtooHm6cetUOQJckIOi3Mem2N3MDH38P0I:o5n4t/btfmPNJ1O8K0I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45f3a26333027fbe478b55aabd54d6fc

Files

45f3a26333027fbe478b55aabd54d6fc
.exe windows:5 windows x86 arch:x86

949b7c1d077f0cc1e6d515ebc9ae66b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ShowConsoleCursor
GetPrivateProfileIntA
HeapFree
_llseek
SetThreadExecutionState
GetSystemWindowsDirectoryW
WritePrivateProfileSectionW
TransmitCommChar
SetEnvironmentVariableA
GetProcessHeaps
VirtualAlloc
GlobalUnlock
LCMapStringW
WriteConsoleInputA
SetTimeZoneInformation
WriteProfileSectionA
LockFileEx
SetComPlusPackageInstallStatus
CloseHandle
SetConsoleLocalEUDC
GetModuleHandleW
IsDBCSLeadByte
DeleteTimerQueueEx
CreateTapePartition
UnregisterWait
LoadLibraryA
SetVolumeLabelW
_lcreat
GetProcessHeap
QueryMemoryResourceNotification
SetConsoleCursorPosition
GetConsoleAliasesA
CreateWaitableTimerA
ReadConsoleOutputA
GetConsoleAliasExesLengthW
LoadModule
GetStartupInfoA
VirtualLock
SetTapeParameters
AddConsoleAliasW
GetBinaryTypeW
GetFileInformationByHandle
GlobalAlloc
GetProcAddress
GetCurrentDirectoryA
ExpungeConsoleCommandHistoryA
HeapValidate
WaitForDebugEvent
GetFileType
_hread
SetConsoleNumberOfCommandsW
SetTapePosition
GetFileTime
ChangeTimerQueueTimer
GetVolumePathNamesForVolumeNameW
GetThreadTimes
SetCommBreak

duser

GetActionTimeslice
SetGadgetBufferInfo
GetGadgetBufferInfo
AutoTrace
GetGadgetProperty
IsInsideContext
GetStdColorBrushF
GetGadgetStyle
InitGadgetComponent
UtilBuildFont
DUserBuildGadget
FireGadgetMessages
DUserFindClass
UtilSetBackground
DUserPostEvent
UtilDrawOutlineRect
PeekMessageExA
SetGadgetFillI
LookupGadgetTicket
AddGadgetMessageHandler
SetGadgetParent
DUserPostMethod
GetStdColorPenF
GetGadgetRootInfo
GetGadgetCenterPoint
CreateAction
SetGadgetRect

sqlwoa

_LoadLibrary@4
_SetProp@12
newMultiByteFromWideCharSize
_StartDoc@8
_GetWindowText@12
_LoadIcon@8
newMultiByteFromWideCharEx
_GetComputerName@8
_GetVersionEx@4
_IsDialogMessage@8
_FindResource@12
_MoveFile@8
_GetTextMetrics@8
_LoadBitmap@8
_GetSaveFileName@4
_SendMessage@16
newMultiByteFromWideChar
ConvertMultiSZNameToW
_DeleteFile@4
newWideCharFromMultiByte
_CommDlg_OpenSave_GetFolderPath@12
_CharUpper@4
_SendDlgItemMessage@20
_CallWindowProc@20
_FormatMessage@28
_GetOpenFileName@4
_GetProp@8

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

949b7c1d077f0cc1e6d515ebc9ae66b9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

duser

sqlwoa

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 1KB