588f0a69d0bb03fd894833090aeba7144d54f7f7ff374b1ff8cb3ca52ae02a20

General

Target

588f0a69d0bb03fd894833090aeba7144d54f7f7ff374b1ff8cb3ca52ae02a20
Size

10KB
MD5

2cf61edecbb9aa01abc7481259409d38
SHA1

c4adf19c53d5b982c30e6211a1b9f96a21c4ab24
SHA256

588f0a69d0bb03fd894833090aeba7144d54f7f7ff374b1ff8cb3ca52ae02a20
SHA512

594ceac2ece2ce9606603d7a77194787f399d18667af832610a9265d8713c5e9ab80352f03b248a306c96bc3cecf6bfd0754e2ab961418be4c45932bf486b554
SSDEEP

96:xA0cSz3ovq7jGcZQcGA3EW2Q65ry8wv4lXyRlT23XBg+WhzfAnfRzx:WkjcI0pr5nkr23XXKw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
588f0a69d0bb03fd894833090aeba7144d54f7f7ff374b1ff8cb3ca52ae02a20

Files

588f0a69d0bb03fd894833090aeba7144d54f7f7ff374b1ff8cb3ca52ae02a20
.dll windows:6 windows x64 arch:x64

198cb39e563d331f48bd549f58419f47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Dev\work\NetVision\Dev\Install\Scripts\InnoSetup_MULTI\ProgramDir\PgBuild\postgresql\Release\euc2004_sjis2004\euc2004_sjis2004.pdb

Imports

postgres.exe

report_invalid_encoding
check_encoding_conversion_args
pg_encoding_verifymb

msvcr120

_initterm
_initterm_e
__C_specific_handler
_malloc_crt
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
free
_amsg_exit
__CppXcptFilter
_lock

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
DecodePointer
EncodePointer
GetCurrentProcessId

Exports

Exports

Pg_magic_func
euc_jis_2004_to_shift_jis_2004
pg_finfo_euc_jis_2004_to_shift_jis_2004
pg_finfo_shift_jis_2004_to_euc_jis_2004
shift_jis_2004_to_euc_jis_2004

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

198cb39e563d331f48bd549f58419f47

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

postgres.exe

msvcr120

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 88B

.pdata Size: 512B - Virtual size: 288B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 16B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 88B

.pdata
Size: 512B - Virtual size: 288B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 16B