c67d98f6875b7b7b940d5b60b5c83af2

Sharing

Copy URL Twitter E-mail

General

Target

c67d98f6875b7b7b940d5b60b5c83af2
Size

83KB
MD5

c67d98f6875b7b7b940d5b60b5c83af2
SHA1

853827555d2bcd8490ce1991b2206bd24c35c3bb
SHA256

442db443dc8dfb2b2ffb6e8fbefd155560e259188bbcea148e572d3b8fbd40f6
SHA512

191ff355fbc40f8a9e2a452be9498ce33894a3ed42b92ea83d5b221bffb20735d5773ca9ac06e50c4febceba21dc6ac91662728d4bef801747dfb35cab47a455
SSDEEP

1536:n5kxp5t0KDbfgHYbnucP/u1Q1PNC+u5nyFV29xlM6G8kIub2lwArxs4Y:nspzTDbfg4bucHIQypRl4ZMxY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c67d98f6875b7b7b940d5b60b5c83af2

Files

c67d98f6875b7b7b940d5b60b5c83af2
.exe windows:5 windows x86 arch:x86

592b33f00bf0c7df8a5e20b34ac68a8e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp60

??1overflow_error@std@@UAE@XZ
?sync@?$basic_filebuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?denorm_min@?$numeric_limits@C@std@@SACXZ
?sync@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??X?$_Complex_base@M@std@@QAEAAV01@ABM@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?open@?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAEPAV12@PBDH@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0bad_cast@std@@QAE@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
?overflow@strstreambuf@std@@MAEHH@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z

kernel32

GetStartupInfoA
ReadConsoleInputExA
GetCurrentProcessId
GetFileType
QueryPerformanceCounter
GetTickCount
SetConsoleCtrlHandler
GetLongPathNameW
HeapSize
ReadConsoleInputW
SetProcessPriorityBoost
SetThreadUILanguage
GetSystemTimeAsFileTime
LocalFileTimeToFileTime
ReadConsoleOutputW
InitializeSListHead
CreateDirectoryA
VirtualAlloc
GetEnvironmentStringsW
GetCurrentThreadId
LoadLibraryA

odbcjt32

SelectUIdxDlgProc
SQLDescribeColW
ConfigDSNW
SQLRowCount
InitDialogAgain
SQLDisconnect
SQLSetStmtAttrW
SQLSetDescRec
ConfigDriverW
LoginDialogProc
SQLSetCursorNameW
SQLFetch

t2embed

TTDeleteEmbeddedFont
_TTRunValidationTests@8
_TTLoadEmbeddedFont@40
TTGetNewFontName
_TTIsEmbeddingEnabledForFacename@8
TTLoadEmbeddedFont
_TTEnableEmbeddingForFacename@8
_TTCharToUnicode@24
TTGetEmbeddingType
_TTIsEmbeddingEnabled@8
_TTDeleteEmbeddedFont@12
_TTEmbedFont@44
TTEmbedFontEx
TTCharToUnicode
TTRunValidationTestsEx
_TTGetEmbeddingType@8
TTEmbedFontFromFileA

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

592b33f00bf0c7df8a5e20b34ac68a8e

Headers

DLL Characteristics

File Characteristics

Imports

msvcp60

kernel32

odbcjt32

t2embed

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 29KB - Virtual size: 80KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 300B

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 29KB - Virtual size: 80KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 300B