ca5341b20efe3b520f8ff6956a4f4c63 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca5341b20efe3b520f8ff6956a4f4c63
Size

255KB
MD5

ca5341b20efe3b520f8ff6956a4f4c63
SHA1

81e6b162b67b9961ebb36e5df580c25968622793
SHA256

fac3d648173e6473d62b2096e17ef13ca5bd8f762f13c088d3c9ce1fc9e8512a
SHA512

b3264ee43a86b649029ee18936f859306ff4c143a9453d1de584120388dd14283b2080ff4be2c2417e4406a47ac20319fe207b11818b02bad54276c0f1cb58e5
SSDEEP

6144:uzQwmUqb+UCH98u98bCeGJKgfWr7uAL+TSVX/5Au:qQw7qqp/W9GYgfWr+TCX/5A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca5341b20efe3b520f8ff6956a4f4c63

Files

ca5341b20efe3b520f8ff6956a4f4c63
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

getSQLDriverPOSTGRESQL

Sections

CODE
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ