e1214d16fa0de2478548b6c4ba27516c

Sharing

Copy URL

Twitter E-mail

General

Target

e1214d16fa0de2478548b6c4ba27516c
Size

46KB
MD5

e1214d16fa0de2478548b6c4ba27516c
SHA1

df3b099e43dfb69da494512ece485a1173490221
SHA256

27dc8ccc0a54150b26660cf81e5777f56e596df7acfdca555a9e1ac21679efb5
SHA512

a0f3d6c1b50e8b92c5417670dc7937fdb6ca32630f3e3999d8ce3858ff3dd1fc3af4a220b00c80b4c5d248a0dcc7af07ea1dc2e898f47b3801e324431005fd09
SSDEEP

768:wyCcpsj/FP1p5vMfGd1uisASlPLyvkYRri52IALzMAsEBCmDUd:5LpiJvMuPqlPLbYRrxIA3MAsMCmwd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1214d16fa0de2478548b6c4ba27516c

Files

e1214d16fa0de2478548b6c4ba27516c
.exe windows:5 windows x86 arch:x86

da275da0017949e29ff9a3621215df8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sqlunirl

_EndUpdateResource_@8
_GetClassInfo@12
_RegReplaceKey_@16
_GetCharWidth_@16
_SendMessageCallback_@24
_CommDlg_OpenSave_GetFilePath@12
_RemoveDirectory_@4
_GetDriveType_@4
_lstrcmpi_@8
_TranslateAccelerator@12
_RegDeleteValue_@8
_GetEnhMetaFile_@4
_GetSystemDirectory_@8
_GetLogColorSpace_@12
_NDdeShareGetInfo_@28
_FindWindowEx_@16
_OpenDesktop_@16
_WriteProfileSection_@8
_EnumResourceLanguages_@20
_RegSaveKey_@12
_ExtractIcon_@12
_CreateMetaFile_@4
_ReplaceText_@4
_QueryServiceConfig_@16
newMultiByteFromWideCharEx
_GetCommandLine_@0

kernel32

lstrlenA
ClearCommBreak
DebugBreakProcess
DosPathToSessionPathW
lstrcmpW
WriteProfileSectionW
WaitForSingleObject
FileTimeToDosDateTime
SetThreadUILanguage
ExpandEnvironmentStringsA
GetStartupInfoW
BaseDumpAppcompatCache
SetConsoleWindowInfo
NlsGetCacheUpdateCount
PulseEvent
SetConsoleCtrlHandler
EnumCalendarInfoW
SetLocalPrimaryComputerNameA
ScrollConsoleScreenBufferA
DosPathToSessionPathA
InitializeSListHead
ResumeThread
SetSystemTime
GetVolumePathNameW
EnumSystemLocalesW
Process32NextW
SetConsoleTitleA
lstrlen
UnlockFile
GetNextVDMCommand
GetFileTime
GetConsoleDisplayMode
SetTermsrvAppInstallMode
WaitForSingleObjectEx
GetConsoleKeyboardLayoutNameA
GetLocaleInfoA
GetUserDefaultLCID
GetHandleInformation
SetFileTime
LoadLibraryA
SetConsoleTitleW
GetConsoleMode
IsDebuggerPresent
GetQueuedCompletionStatus
BuildCommDCBAndTimeoutsW
GetNamedPipeHandleStateA
GetExitCodeThread
EnumDateFormatsExA
OpenFileMappingW
VirtualQuery
SetTimerQueueTimer
SetDefaultCommConfigW
PeekConsoleInputW
EnumResourceTypesA
IsSystemResumeAutomatic
GetShortPathNameA
CompareFileTime
GlobalCompact
VirtualAlloc
GetComputerNameExA
HeapLock
GetNumaAvailableMemoryNode
SetLocalPrimaryComputerNameW
GlobalHandle
EnumSystemLanguageGroupsA
EnumDateFormatsW
MapViewOfFile
ConvertThreadToFiber
GetCompressedFileSizeW

ws2_32

WSAEnumNameSpaceProvidersA
WSARecv
WSANSPIoctl
WSAEventSelect
gethostbyname
WSAJoinLeaf
WSAAsyncGetProtoByNumber
recvfrom
WSAGetServiceClassNameByClassIdA
bind
WSAAsyncSelect
WSASendTo
WSApSetPostRoutine
WSASendDisconnect
shutdown
WSAEnumNameSpaceProvidersW
WSCEnableNSProvider
WSADuplicateSocketA
gethostname
WSAAccept
WSADuplicateSocketW
ntohl
WSAInstallServiceClassW
WSAAsyncGetHostByName
WSCUpdateProvider
WSAStringToAddressW
WSAEnumProtocolsA
WSAAsyncGetProtoByName
WSARecvFrom
closesocket
ntohs
select
WSCUnInstallNameSpace

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da275da0017949e29ff9a3621215df8c

Headers

DLL Characteristics

File Characteristics

Imports

sqlunirl

kernel32

ws2_32

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 6KB - Virtual size: 6KB