459ab7894517142ac9e7751629c688fc7b330d9f324d1c160ab30ed323e2a796

Sharing

Copy URL Twitter E-mail

General

Target

459ab7894517142ac9e7751629c688fc7b330d9f324d1c160ab30ed323e2a796
Size

9KB
MD5

daed86f28852ddc9fedb6d7f6a6d0df8
SHA1

5f805aa02e2cf4b9bd25c3ad26383fc714353a19
SHA256

459ab7894517142ac9e7751629c688fc7b330d9f324d1c160ab30ed323e2a796
SHA512

2a6f5e0a2ec990eb397796fce3dfcb78a9746e2c9b5ed19671da75985d4342c44c2c2e6b1e839fecb1115fea27aa175e28a7585cf30f5a3c30d3fcd0ed6e6bbd
SSDEEP

96:YvPzgN4UV7YAGoYXW2Q4rt8Xndmq/qBHLK3jq3XBg+mkpmdf6nfRzx:aPzgzMMYXpx+dmqsHLK3+3XXmWe6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
459ab7894517142ac9e7751629c688fc7b330d9f324d1c160ab30ed323e2a796

Files

459ab7894517142ac9e7751629c688fc7b330d9f324d1c160ab30ed323e2a796
.dll windows:6 windows x64 arch:x64

60c798c382fe541c54e6c43c24052ca4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Dev\work\NetVision\Dev\Install\Scripts\InnoSetup_MULTI\ProgramDir\PgBuild\postgresql\Release\latin_and_mic\latin_and_mic.pdb

Imports

postgres.exe

mic2latin
latin2mic
check_encoding_conversion_args

msvcr120

_initterm
_initterm_e
__C_specific_handler
_malloc_crt
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
free
_amsg_exit
__CppXcptFilter
_lock

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
DecodePointer
EncodePointer
GetCurrentProcessId

Exports

Exports

Pg_magic_func
latin1_to_mic
latin3_to_mic
latin4_to_mic
mic_to_latin1
mic_to_latin3
mic_to_latin4
pg_finfo_latin1_to_mic
pg_finfo_latin3_to_mic
pg_finfo_latin4_to_mic
pg_finfo_mic_to_latin1
pg_finfo_mic_to_latin3
pg_finfo_mic_to_latin4

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60c798c382fe541c54e6c43c24052ca4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

postgres.exe

msvcr120

kernel32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 88B

.pdata Size: 512B - Virtual size: 264B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 16B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 88B

.pdata
Size: 512B - Virtual size: 264B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 16B