74670c5ea308197aa06804c1ba58318475b979aff39a8fa09aff0ed381204e21N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74670c5ea308197aa06804c1ba58318475b979aff39a8fa09aff0ed381204e21N
Size

512KB
MD5

205ecfde988c08642b4689de95b61940
SHA1

b7d329bc4f8278e054ae11504a89f1ace6534650
SHA256

74670c5ea308197aa06804c1ba58318475b979aff39a8fa09aff0ed381204e21
SHA512

52a87844fc279aea761b90fe8586dfcfa2f3cc4234c8eb792afa40cdfb96958a86673f0fa4f6cd4a0b6558385310b8efac8d91525665bebfc6983eca75d4a331
SSDEEP

6144:L98vc8xQWQCtAosjediFFIsjG6C0jum3xJqRs73fpVKMqvJB1:mvc8XtAosje0/Ispesbfpl81

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74670c5ea308197aa06804c1ba58318475b979aff39a8fa09aff0ed381204e21N

Files

74670c5ea308197aa06804c1ba58318475b979aff39a8fa09aff0ed381204e21N
.exe windows:5 windows x86 arch:x86

31b0a7570a241f76ec67c91c9015c573

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleW
OutputDebugStringA
GetStartupInfoA
GetTickCount
QueryPerformanceFrequency
RaiseException

user32

UnregisterClassA
FindWindowA

advapi32

RegOpenKeyExA
RegQueryValueExA

odbc32

SQLFreeHandle

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 811KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ