50ff4b07ccfc8e927efa43e805f215cf

General

Target

50ff4b07ccfc8e927efa43e805f215cf
Size

1.1MB
MD5

50ff4b07ccfc8e927efa43e805f215cf
SHA1

54623525400345c51eaf6ae767d806ca8da21634
SHA256

bdc696583d6907dd14126fe49a895ad2c1610758b6fa7616964adeb80e6af6cd
SHA512

538da4cd56eaf202f60b3087c64507aee04db2cb3cf2cbea224944b24eab732b2dd66e187cbc0cdf551c5de2639d5ceab879ac97afb31a81a11c85231583c266
SSDEEP

24576:ooEglkx/iGQ5t0OhWmvMqpFFWMMstJyACcObpYi9Bm:ooEglYOzXM6JlvObuqm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50ff4b07ccfc8e927efa43e805f215cf

Files

50ff4b07ccfc8e927efa43e805f215cf
.exe windows:6 windows x86 arch:x86

36cf626a201d23eb6a5e8ce17623bb10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

CreateWindowExA
ShowWindow
RegisterClassA
DispatchMessageA
EndPaint
DestroyWindow
GetMessageA
SendMessageA
TranslateMessage
DefWindowProcA
BeginPaint
UpdateWindow

odbc32

SQLGetDiagFieldA
SQLDataSources
SQLGetCursorNameA
SQLBrowseConnect
SQLFetch
SQLSetConnectOption
SQLParamOptions
SQLColumnPrivilegesA
SQLTablePrivileges
SQLDescribeColA
CursorLibLockDbc
SQLExecute
SQLPrepareA
SQLErrorA
SQLCloseCursor
OpenODBCPerfData
SQLTablesA
VFreeErrors
LockHandle
SQLForeignKeys
SQLParamData
SQLSetDescFieldA
SQLExecDirect
SQLSetDescField
SQLGetConnectAttrA
SQLNativeSqlA
SQLPrimaryKeysA
SQLPrimaryKeys
SQLProcedureColumns
SQLBindCol
SQLSetStmtAttr
SQLProceduresA
CursorLibTransact
SQLFreeHandle
ODBCSetTryWaitValue
SQLSpecialColumnsA
SQLColumnPrivileges

kernel32

InterlockedPopEntrySList
lstrcpynA
GetFileAttributesA
CreateEventA
CreateNamedPipeA
SetNamedPipeHandleState
SetFilePointer
VerSetConditionMask
GetFileAttributesExA
SetFirmwareEnvironmentVariableA
WaitForMultipleObjects
SetEvent
GetThreadPriorityBoost
lstrcmpA
HeapFree
GetCurrentThread
CreateFileA
ExitProcess
GetLastError
VirtualFree
ReadFile
OpenEventA
GetCurrentProcess
GetSystemTimes
GetVersion
InterlockedPushEntrySList
HeapAlloc
InterlockedFlushSList
SetProcessPriorityBoost
VirtualAlloc
CloseHandle
WriteFileGather
HeapLock
DeleteFileA

Sections

.text
Size: 578KB - Virtual size: 578KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 346KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36cf626a201d23eb6a5e8ce17623bb10

Headers

DLL Characteristics

File Characteristics

Imports

user32

odbc32

kernel32

Sections

.text Size: 578KB - Virtual size: 578KB

.data Size: 346KB - Virtual size: 346KB

.rsrc Size: 181KB - Virtual size: 3.3MB

.text
Size: 578KB - Virtual size: 578KB

.data
Size: 346KB - Virtual size: 346KB

.rsrc
Size: 181KB - Virtual size: 3.3MB