5e7b27d4c2cefdf44ccf488a52a1ff0e8048ddb715c81632cabb183362cfe843

Sharing

Copy URL

Twitter E-mail

General

Target

5e7b27d4c2cefdf44ccf488a52a1ff0e8048ddb715c81632cabb183362cfe843
Size

445KB
MD5

946e41e182032c297501b3016746a5b0
SHA1

38531e1c7c88d982a96c27a1904fe19f53bf633b
SHA256

5e7b27d4c2cefdf44ccf488a52a1ff0e8048ddb715c81632cabb183362cfe843
SHA512

3733e40b90b1d7c0d860deb6436824209b5cb86532920408d378a57738ac1a54fdcdc707f9d2740e864f5155a4c02ecd310d8e0e237173da309db401b6b0cc6b
SSDEEP

12288:wRMkSsUGMqbxfDImY9sGCfsQCLD+WiBkxZlc:wR63qbxfwCfsQCLD+Wskxj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e7b27d4c2cefdf44ccf488a52a1ff0e8048ddb715c81632cabb183362cfe843

Files

5e7b27d4c2cefdf44ccf488a52a1ff0e8048ddb715c81632cabb183362cfe843
.dll windows:10 windows x86 arch:x86

d9abc7bd3307bd7c3750cdefa99d7fab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

odbcjt32.pdb

Imports

msvcrt

malloc
swprintf_s
_snwprintf_s
wcspbrk
_splitpath_s
towupper
bsearch
_heapmin
_wsplitpath_s
modf
_itow
_wcsnicmp
iswctype
_ltow
_except_handler4_common
_initterm
_amsg_exit
_XcptFilter
strtod
_errno
strncpy_s
_ecvt
_mbsrev
_strnicmp
localtime
time
strchr
_ultoa
_ltoa
towlower
_wstat
wcscspn
swscanf_s
sprintf_s
strcat_s
wcstol
wcsstr
wcsncat_s
_wchdir
wcscat_s
wcschr
strcpy_s
_getcwd
wcsrchr
wcstok
_snprintf_s
memcpy
floor
_vsnwprintf_s
calloc
free
_wtol
_wfullpath
_wcsicmp
_wtoi
wcsncmp
wcscpy_s
wcsncpy_s
memmove
_ftol2
_ftol2_sse
memset

kernel32

LoadLibraryA
OutputDebugStringW
ExpandEnvironmentStringsA
GetModuleFileNameW
GetSystemDefaultLCID
GetTickCount
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
GetNumberFormatA
GetCurrencyFormatA
GetTimeFormatA
GetDateFormatA
FreeResource
LockResource
LoadResource
FindResourceW
CloseHandle
CreateFileW
MoveFileW
GetTempFileNameW
GetTempPathW
DeleteFileW
FindClose
FindNextFileW
FindFirstFileW
lstrlenW
GetCurrentProcessId
GetProcessVersion
DeleteCriticalSection
InitializeCriticalSection
WritePrivateProfileStringW
GetWindowsDirectoryW
GetCurrentDirectoryW
GetSystemDirectoryW
LeaveCriticalSection
GetPrivateProfileStringW
MultiByteToWideChar
GetModuleFileNameA
LoadLibraryExA
GetLastError
GetProcAddress
FreeLibrary
WideCharToMultiByte
GetCurrentThreadId
EnterCriticalSection
GetUserDefaultLCID

user32

LoadCursorW
SetCursor
ReleaseDC
GetDC
CharToOemA
DestroyWindow
CreateDialogParamW
CharUpperW
SetWindowPos
LoadStringW
MoveWindow
ClientToScreen
GetClientRect
GetWindowRect
GetDesktopWindow
GetParent
RegisterWindowMessageA
GetWindowTextLengthW
ShowWindow
GetWindow
SetFocus
IsWindowEnabled
LoadCursorA
EnableWindow
CharLowerW
DialogBoxParamA
EndDialog
SetWindowLongA
GetWindowLongA
GetWindowTextW
DialogBoxParamW
SendMessageW
GetDlgItem
SetWindowTextW
MessageBoxW

advapi32

RegOpenKeyExW
RegOpenKeyExA
GetUserNameW
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
RegCloseKey

gdi32

GetTextExtentPointW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

msjet40

ord150
ord110
ord112
ord185
ord157
ord56
ord304
ord108
ord316
ord158
ord172
ord179
ord159
ord120
ord310
ord126
ord317
ord136
ord145
ord133
ord140
ord132
ord151
ord138
ord178
ord137
ord319
ord302
ord156
ord311
ord146
ord107
ord104
ord109
ord169
ord153
ord130
ord103
ord154
ord176
ord906
ord167

mswstr10

ord3

Exports

Exports

AdvancedDialogProc
ConfigDSN
ConfigDSNExW
ConfigDSNW
ConfigDialogProc
ConfigDriverW
DefTxtFmtDlgProc
DllMain
InitDialogAgain
InitializeLoginDialog
InvisibleSelectDb
LoadByOrdinal
LoginDialogProc
OpenDirHook
RepairCompactProc
SQLAllocConnect
SQLAllocEnv
SQLAllocHandle
SQLAllocStmt
SQLBindCol
SQLBindParameter
SQLBulkOperations
SQLCancel
SQLCloseCursor
SQLColAttributeW
SQLColumnsW
SQLConnectW
SQLCopyDesc
SQLDescribeColW
SQLDisconnect
SQLDriverConnectW
SQLEndTran
SQLExecDirectW
SQLExecute
SQLExtendedFetch
SQLFetch
SQLFetchScroll
SQLFreeConnect
SQLFreeEnv
SQLFreeHandle
SQLFreeStmt
SQLGetConnectAttrW
SQLGetCursorNameW
SQLGetData
SQLGetDescFieldW
SQLGetDescRecW
SQLGetDiagFieldW
SQLGetDiagRecW
SQLGetFunctions
SQLGetInfoW
SQLGetStmtAttrW
SQLGetTypeInfoW
SQLMoreResults
SQLNativeSqlW
SQLNumParams
SQLNumResultCols
SQLParamData
SQLPrepareW
SQLProcedureColumnsW
SQLProceduresW
SQLPutData
SQLRowCount
SQLSetConnectAttrW
SQLSetCursorNameW
SQLSetDescFieldW
SQLSetDescRec
SQLSetEnvAttr
SQLSetPos
SQLSetScrollOptions
SQLSetStmtAttrW
SQLSpecialColumnsW
SQLStatisticsW
SQLTablesW
SelectIndexDlgProc
SelectUIdxDlgProc

Sections

.text
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9abc7bd3307bd7c3750cdefa99d7fab

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

advapi32

gdi32

comdlg32

msjet40

mswstr10

Exports

Exports

Sections

.text Size: 234KB - Virtual size: 234KB

.data Size: 20KB - Virtual size: 21KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 151KB - Virtual size: 151KB

.text
Size: 234KB - Virtual size: 234KB

.data
Size: 20KB - Virtual size: 21KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 151KB - Virtual size: 151KB