a31c10495d5eccd3319984755047ec09

Sharing

Copy URL Twitter E-mail

General

Target

a31c10495d5eccd3319984755047ec09
Size

1.2MB
MD5

a31c10495d5eccd3319984755047ec09
SHA1

2c24f67ae9e975ff34aa40a2892befae8b93bc51
SHA256

e679a0aa28c23d665f887e346a38ff6755bf82460039613f60fe903493ce2832
SHA512

2e628745f36ad8ef1b53e29e6dde302a78a9552e9254f034216aa47fa56d30c4ac3001737d350ebc19c3ccf855db686d8f77e46929a7d5defa1651ee32564ca7
SSDEEP

24576:6eP3/BO/Mw+iK+ejxkLoVUybIFLtTrrzlSi2VNip9XgK:6enByM5iCk0Ivnwigin

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a31c10495d5eccd3319984755047ec09

Files

a31c10495d5eccd3319984755047ec09
.exe windows:4 windows x86 arch:x86

c3ee8a63835e2243407b06af1cb86d56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SendMessageA
RegisterClassA
DestroyWindow
BeginPaint
ShowWindow
TranslateMessage
CreateWindowExA
EndPaint
UpdateWindow
DefWindowProcA
DispatchMessageA
GetMessageA

kernel32

GetSystemTimes
ReadFileScatter
GetFileTime
HeapFree
HeapDestroy
ReadFile
CloseHandle
ExpandEnvironmentStringsA
VirtualFree
GetEnvironmentStringsA
GetFirmwareEnvironmentVariableA
HeapAlloc
SetProcessPriorityBoost
FileTimeToDosDateTime
CreateNamedPipeA
InterlockedPushEntrySList
GetVersion
ConnectNamedPipe
lstrcpynA
lstrcmpiA
PeekNamedPipe
HeapCreate
SystemTimeToFileTime
CallNamedPipeA
FreeEnvironmentStringsA
GetCurrentProcess
GetSystemTime
ExitProcess
InterlockedIncrement
WaitForMultipleObjects
GetCurrentThread
VerSetConditionMask
WriteFileEx
GetNamedPipeInfo
InterlockedCompareExchange
GetThreadPriorityBoost
InterlockedDecrement
VirtualAlloc
InterlockedPopEntrySList
CreateFileA
SetFilePointer

odbc32

SQLNativeSql
SQLTablePrivilegesA
SQLForeignKeys
SQLGetStmtAttrA
PostODBCComponentError
SQLConnect
SQLSetPos
SQLGetEnvAttr
SQLGetDescRec
CursorLibLockDbc
SQLMoreResults
SQLGetCursorName
SQLExecute
SQLGetTypeInfo
SQLExtendedFetch
SQLParamData
SQLBulkOperations
SQLSetConnectOption
SQLGetTypeInfoA
SQLProcedures
SQLBindParameter
SQLDescribeCol
SQLPutData
SQLPrimaryKeys
CloseODBCPerfData
CollectODBCPerfData
SQLBrowseConnect
SQLConnectA
SQLGetInfo
VFreeErrors
SQLPrepareA
SQLColumnsA
SQLPrepare
SQLBindParam
SQLStatisticsA
SQLTablesA

Sections

.text
Size: 868KB - Virtual size: 868KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 311KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3ee8a63835e2243407b06af1cb86d56

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

odbc32

Sections

.text Size: 868KB - Virtual size: 868KB

.data Size: 18KB - Virtual size: 18KB

.rsrc Size: 311KB - Virtual size: 3.3MB

.text
Size: 868KB - Virtual size: 868KB

.data
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 311KB - Virtual size: 3.3MB