c744276cc9ea8342707df9c4997ece72 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c744276cc9ea8342707df9c4997ece72
Size

116KB
MD5

c744276cc9ea8342707df9c4997ece72
SHA1

8a860e642e5e6d8349fd6c17572a8586af753f98
SHA256

3bbf84318742846129973f74724cc5805de7962568efae165a16fee5ad68d910
SHA512

d98ead9f1872ebd868d8784de883b5a67f3afd71651439b223aa88f96b0e7a38311c161a3fa2ba267f546b4eecbb77fca2ea55f21454442de95b3349a45b19cf
SSDEEP

3072:1ugGOEugM5/3ilBgJDOjwimPO3xdPy7ktcqbEN:1OPrlBSDDua7kpQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c744276cc9ea8342707df9c4997ece72

Files

c744276cc9ea8342707df9c4997ece72
.exe windows:4 windows x86 arch:x86

407dd9c520e4464fdd7993d5082af77b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

sqlresld

SQLUILoadResourceDLL
SQLUIUnloadResourceDLL

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetUserDefaultLCID
GetModuleHandleW

user32

wvsprintfW
LoadStringW
wsprintfW

msvcrt

_XcptFilter
__getmainargs
_exit
__dllonexit
printf
_controlfp
_onexit
??3@YAXPAX@Z
atol
wcscpy
??2@YAPAXI@Z
fwprintf
_iob
__CxxFrameHandler
fprintf
_except_handler3
_initterm
__setusermatherr
exit
__p___initenv
__p__fmode
_adjust_fdiv
__p__commode
__set_app_type

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

GetErrorInfo
SysFreeString

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE