8f2b33460fbd9744a3e9cf493edb5629

Sharing

Copy URL

Twitter E-mail

General

Target

8f2b33460fbd9744a3e9cf493edb5629
Size

81KB
MD5

8f2b33460fbd9744a3e9cf493edb5629
SHA1

231008d9b37b0dc3e8c7fea600396a0b61712b17
SHA256

7c0efd0cb625a02454e5bfcd7924d5e4e7f58d5fd0551b4dd03016d2a7930408
SHA512

5c2daca5fb3a08d44da20844f64ce6ce38f878fee3e10f9f7825c5736163f8fef85fa0b2b2f4b2d6e960b757177b6393f8a9fb367ebfb454be8cae6dfabe5807
SSDEEP

1536:U8pTwYcacrWhbGalJNTMwpeMG4WPnN4QXFBphpXwzD7EdwsuY:U8tcacShb5JNTTG4WPiQXFBWbuwsuY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f2b33460fbd9744a3e9cf493edb5629

Files

8f2b33460fbd9744a3e9cf493edb5629
.exe windows:5 windows x86 arch:x86

340ade958b0ecacb76324eba3059ad6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sqlsrv32

SQLGetInfoW
SQLFreeHandle
SQLNativeSqlW
WizDatabaseDlgProc
SQLProceduresW
SQLColumnPrivilegesW
SQLNumResultCols
BCP_colptr
SQLSpecialColumnsW
SQLSetScrollOptions
BCP_setcolfmt
SQLFetchScroll
SQLCopyDesc
SQLSetDescRec
SQLColumnsW

setupapi

SetupDiSelectOEMDrv
CM_Get_Class_Key_NameW
SetupDiClassNameFromGuidExW
SetupDiCancelDriverInfoSearch
pSetupQueryMultiSzValueToArray
CM_Get_Next_Res_Des
CM_Locate_DevNodeW
SetupDiRemoveDevice
SetupQueueCopySectionA
SetupFindNextMatchLineW
SetupCommitFileQueueA
SetupDiSelectDevice
CM_Get_DevNode_Registry_Property_ExA

glmf32

glsNumub
glsNums
glsSwapBuffers
glsNumusv
glsBlock
glsGetStreamAttrib
glsUCS4toUTF8
glsRequireExtension
glsUCS1toUTF8z
glsULongHigh
glsNumubv
glsDeleteContext
glsDisplayMapfv
glsUTF8toUCS2z

samlib

SamEnumerateGroupsInDomain
SamSetSecurityObject
SamQueryInformationAlias
SamConnect
SamiChangeKeys
SamiChangePasswordUser
SamSetInformationGroup
SamGetDisplayEnumerationIndex
SamRemoveMultipleMembersFromAlias
SamChangePasswordUser
SamLookupIdsInDomain
SamCreateGroupInDomain
SamEnumerateAliasesInDomain
SamEnumerateDomainsInSamServer
SamRemoveMemberFromAlias

kernel32

SetStdHandle
GetSystemTimeAsFileTime
FindNextVolumeW
ExpandEnvironmentStringsA
QueryPerformanceCounter
LoadLibraryA
SetConsoleCtrlHandler
SetFileValidData
GetNumaAvailableMemoryNode
GetTickCount
GetCurrentProcessId
GetCurrentActCtx
GetCurrentThreadId
EnumSystemCodePagesA
CreateWaitableTimerA
WriteFileEx
VirtualAlloc
GetStartupInfoA
AddConsoleAliasA
IsBadHugeWritePtr

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

340ade958b0ecacb76324eba3059ad6d

Headers

DLL Characteristics

File Characteristics

Imports

sqlsrv32

setupapi

glmf32

samlib

kernel32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 29KB - Virtual size: 42KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 216B

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 29KB - Virtual size: 42KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 216B