acd053dee2b729c9274e85499191bd6ad19d60ec6e9f40485114182013db00fb

General

Target

acd053dee2b729c9274e85499191bd6ad19d60ec6e9f40485114182013db00fb
Size

9KB
MD5

a2c65c4ddbe2ce99443f1cc26095d6ac
SHA1

09138cdb317d294c8b53026d9ad2867f1b2879c4
SHA256

acd053dee2b729c9274e85499191bd6ad19d60ec6e9f40485114182013db00fb
SHA512

82b54c943f7ec26444b03439df03bc6b1a16e93987d59caf6f47fee5cb076cfe2a3257765e6bcef260693ddead5b217e8ae34b034b7b69d64e12a8a2fbfa4650
SSDEEP

96:0PPzvqYWcxO1wUXeNEMGRQur/IW2QPrx8HuvjJjSD5SLr/3XBg+bmOfenfRzx:e7Rf41B7r/IpirvAKD3XXFO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acd053dee2b729c9274e85499191bd6ad19d60ec6e9f40485114182013db00fb

Files

acd053dee2b729c9274e85499191bd6ad19d60ec6e9f40485114182013db00fb
.dll windows:6 windows x64 arch:x64

771045c15164c576a97c9a88714cfe67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Dev\work\NetVision\Dev\Install\Scripts\InnoSetup_MULTI\ProgramDir\PgBuild\postgresql\Release\utf8_and_iso8859_1\utf8_and_iso8859_1.pdb

Imports

postgres.exe

pg_utf8_islegal
report_untranslatable_char
report_invalid_encoding
check_encoding_conversion_args
pg_utf_mblen

msvcr120

free
_malloc_crt
_initterm
_amsg_exit
__C_specific_handler
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
__CppXcptFilter
_initterm_e

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer
DecodePointer

Exports

Exports

Pg_magic_func
iso8859_1_to_utf8
pg_finfo_iso8859_1_to_utf8
pg_finfo_utf8_to_iso8859_1
utf8_to_iso8859_1

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

771045c15164c576a97c9a88714cfe67

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

postgres.exe

msvcr120

kernel32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 88B

.pdata Size: 512B - Virtual size: 264B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 16B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 88B

.pdata
Size: 512B - Virtual size: 264B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 16B