75401c299819ede1d6bb3861f62e5110

General

Target

75401c299819ede1d6bb3861f62e5110
Size

1.1MB
MD5

75401c299819ede1d6bb3861f62e5110
SHA1

56cbe50a5898dc8fba5a2e5094866ff75750a4c3
SHA256

bd2b81864fe6a012c5f8733750e3438cd74f2af767f67ae301dde0a76ac072ef
SHA512

128584516de8b956705cb0e6d1bfb59e71c9f5f5d22c5c42406f5a938e2c2686cb951794fe5ea29e666472f543b100842af4648ac0df3c648a542016c4a0e474
SSDEEP

24576:Hju89C5KE7saQ21Di3ztOqkeRMMmCAVbqCdx7skv:Hns537sb+DwzsdeR3NAFH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75401c299819ede1d6bb3861f62e5110

Files

75401c299819ede1d6bb3861f62e5110
.exe windows:1 windows x86 arch:x86

f429f756436a0cc7462465e8fb0a4fab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

adsldpc

ADsEnumAttributes
ADsAbandonSearch
ADsSetSearchPreference
ADSIDeleteDSObject
BuildADsParentPath
ADSIAbandonSearch
FreeADsStr
ADsExecuteSearch
IsGCNamespace
ADsEncodeBinaryData

kernel32

WaitForMultipleObjects
HeapSize
WriteFileGather
ConnectNamedPipe
CreateFileA
HeapDestroy
UnmapViewOfFile
SetFilePointer
TryEnterCriticalSection
GetCurrentProcessId
FileTimeToLocalFileTime
HeapCreate
ExitProcess
InitializeCriticalSection
MapViewOfFile
ReadFile
CreateNamedPipeA
HeapFree
InterlockedIncrement
InterlockedPushEntrySList
HeapAlloc
InterlockedPopEntrySList
CreateFileMappingA
LeaveCriticalSection
GetCurrentThreadId
GetFileTime
CallNamedPipeA
GetVersion
InterlockedDecrement
CloseHandle

odbc32

SQLForeignKeysA
VFreeErrors
SQLFreeConnect
SQLCloseCursor
SQLSetConnectAttr
SQLBrowseConnectA
ValidateErrorQueue
SQLDisconnect
SQLSetConnectOptionA
SQLPrimaryKeysA
SQLColAttributeA
SQLBulkOperations
SQLDriversA
SQLSetScrollOptions
SearchStatusCode
PostComponentError
SQLGetEnvAttr
CollectODBCPerfData
SQLStatistics
SQLExecute

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrcs
Size: 757KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f429f756436a0cc7462465e8fb0a4fab

Headers

File Characteristics

Imports

adsldpc

kernel32

odbc32

Sections

.text Size: 199KB - Virtual size: 199KB

.data Size: 164KB - Virtual size: 164KB

.rsrcs Size: 757KB - Virtual size: 3.8MB

.text
Size: 199KB - Virtual size: 199KB

.data
Size: 164KB - Virtual size: 164KB

.rsrcs
Size: 757KB - Virtual size: 3.8MB