bd44be0e796185fdbd0197ba6f46c8a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd44be0e796185fdbd0197ba6f46c8a8
Size

556KB
MD5

bd44be0e796185fdbd0197ba6f46c8a8
SHA1

a826cd9cca36a58cf82ab080ca165551cf3178c7
SHA256

61cac36263633fb03d50d4f63e38ee9b83f6b73d2cab4426df9f43bcda99c2d9
SHA512

effc669f07bf8d24cd620f77181330cf38a8be5163c71fb02666042787b80d379aaf1ccc7237d4994cdc021ba587442f7e87b7f607fbedfe9d2d7a5e52c3b2b2
SSDEEP

12288:yNSIj3Xt5cpQFge6oEBjNiWpbaWpIXH4q45LOc0wMynC30zBzyDM:yMIj3HcpQFg7ouNi4aWpI34xSc0wVnGW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd44be0e796185fdbd0197ba6f46c8a8

Files

bd44be0e796185fdbd0197ba6f46c8a8
.exe windows:5 windows x86 arch:x86

b130debbc4dfb8aa816230ce3672158d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
lstrcat
GetCommandLineA
OpenMutexW
GetCommandLineW
GetConsoleTitleW
WaitForSingleObject
CreateFileA
lstrcmp
CreateProcessW
GetSystemTime
ReadConsoleW
CreateEventA
OpenJobObjectA
GetGeoInfoA
CreateFileMappingW
CreateMutexW
CreateSemaphoreA

odbctrac

TraceSQLBindCol
TraceSQLError
TraceSQLCancel
TraceSQLFetch
TraceSQLConnect

user32

DrawStateA
wsprintfA
LoadCursorA
LoadMenuW
MessageBoxW
IsCharUpperW
PostMessageA
GetClassLongW
InsertMenuW
GetDlgItemTextW
DialogBoxParamW
CharToOemW
GetPropA
GetMessageW
CreateDesktopW
LoadBitmapA
DispatchMessageW

cryptdll

MD5Update
CDBuildVect
CDLocateRng
MD5Final

resutils

ResUtilDupString
ClusWorkerCreate
ClusWorkerTerminate
ResUtilGetBinaryValue

Sections

.text
Size: 539KB - Virtual size: 539KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE