4bd40c0d8f58da85a62e83e2cd28bea0N[.]exe | Triage

Sharing

General

Target

4bd40c0d8f58da85a62e83e2cd28bea0N.exe
Size

72KB
MD5

4bd40c0d8f58da85a62e83e2cd28bea0
SHA1

50fcaf9c15c3472e18c06adac83a356625dc5ed1
SHA256

64a4a9bcb0ec72c1202faef3b2b59c0ff792443b305882af9861bf94f8521fda
SHA512

072826a8fd4eea29e88c02f461ec234d3e702a726bdcc4137624be06731c4a77661fba43eccd143f347172f4468543a8398d191d87eddf88fe094f59b0be3601
SSDEEP

1536:PUkSqav43V991voUntdRrW+Kuemc4bMmSwuRy9N:Lh/7w6HRClueYomARy9N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bd40c0d8f58da85a62e83e2cd28bea0N.exe

Files

4bd40c0d8f58da85a62e83e2cd28bea0N.exe
.dll windows:4 windows x86 arch:x86

03b8ca2a1c3a5104b25a805714273b98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
MultiByteToWideChar
lstrlenA
WideCharToMultiByte

user32

wsprintfA

odbc32

ord20
ord51
ord7
ord14
ord41
ord1
ord2
ord9
ord16
ord23
ord15
ord13
ord18
ord11
ord66
ord3
ord19
ord12
ord17
ord64
ord4
ord72
ord10
ord59
ord50

Exports

Exports

JMP9ODBC

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ