d6f980eef7fc37ac8ecbce2c6d3f785a

Sharing

Copy URL Twitter E-mail

General

Target

d6f980eef7fc37ac8ecbce2c6d3f785a
Size

45KB
MD5

d6f980eef7fc37ac8ecbce2c6d3f785a
SHA1

cecda79a43c24313bbdede3e3fa8b053eeabfcb9
SHA256

16c4cd9e65d31f38fe91d09e137acd63fcb44cfda3d8c1748888074fae4cc05c
SHA512

850f1268b17d8a327aada3a06d66962a970f4519a61826f4f4584a2c359b9746363b7a76278f5113d0ca9b74e253a4e10babc23088fe0e2392a1356195069f14
SSDEEP

768:ad4DWIOp72efdlNoSjR/mEAuuy/OP968N9NQQnOTubGvXNv8fn8OqFPFbwZr:U72efvNnRuEAuujPFNFGFfp5Ni

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6f980eef7fc37ac8ecbce2c6d3f785a

Files

d6f980eef7fc37ac8ecbce2c6d3f785a
.exe windows:5 windows x86 arch:x86

cab4f83e4f75415885f1cea8164208f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

odbccp32

SQLInstallerError
SQLInstallDriverW
SQLGetTranslator
SQLRemoveDriver
SQLRemoveDSNFromIniW
SQLLoadDriverListBox
SQLInstallerErrorW
SQLValidDSN
SQLCreateDataSource
SQLRemoveTranslator
SQLWriteFileDSN
SQLReadFileDSN
SQLGetConfigMode
SQLInstallDriver
SelectTransDlg
SQLManageDataSources
SQLGetAvailableDrivers
SQLConfigDataSource
SQLPostInstallerErrorW
SQLGetPrivateProfileStringW
SQLRemoveDefaultDataSource
SQLInstallDriverEx
SQLRemoveTranslatorW

catsrvut

WinlogonHandlePendingInfOperations
??4CComPlusMethod@@QAEAAV0@ABV0@@Z
StartMTSTOCOM
??4CComPlusComponent@@QAEAAV0@ABV0@@Z
??_7CComPlusComponent@@6B@
RegDBBackup
??4CComPlusInterface@@QAEAAV0@ABV0@@Z
COMPlusUninstallActionW
??_7CComPlusMethod@@6B@
RegDBRestore
??0CComPlusObject@@QAE@ABV0@@Z
RunMTSToCom
FindAssemblyModulesW
??0CComPlusMethod@@QAE@ABV0@@Z
ManagedRequestW
SysprepComplus2
QueryUserDllW
??_7CComPlusObject@@6B@
??4CComPlusTypelib@@QAEAAV0@ABV0@@Z

ole32

StringFromCLSID
CoTaskMemRealloc
HMETAFILE_UserSize
GetHookInterface
CoCreateInstanceEx
PropSysFreeString
OleQueryLinkFromData
CoGetMalloc
CoGetCallerTID
CoRegisterMallocSpy
SetConvertStg
CoSetState
CreateStreamOnHGlobal
WdtpInterfacePointer_UserFree
StringFromIID
CoResumeClassObjects
HDC_UserFree
CoPopServiceDomain
CoCreateGuid

kernel32

lstrlen
LoadLibraryA
UnregisterWait
GetDateFormatA
VirtualAlloc
SetComputerNameExA
WriteProfileSectionW
GetStartupInfoA
GetAtomNameW
QueryPerformanceCounter
SetCalendarInfoW
FillConsoleOutputCharacterW
LZInit
GetCurrentThread
FatalAppExitW
CloseHandle
WritePrivateProfileStringA
GetThreadPriorityBoost
GetDefaultCommConfigA
GetProcessShutdownParameters
SetLastError

Sections

.t1ext
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cab4f83e4f75415885f1cea8164208f9

Headers

DLL Characteristics

File Characteristics

Imports

odbccp32

catsrvut

ole32

kernel32

Sections

.t1ext Size: 37KB - Virtual size: 36KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.t1ext
Size: 37KB - Virtual size: 36KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB