873d12203a52935e33cdd71b848dfc910da58acb1ae79063005d30677aaaca4bN

General

Target

873d12203a52935e33cdd71b848dfc910da58acb1ae79063005d30677aaaca4bN
Size

168KB
MD5

9889f97da91fc43e148148b33484e9e0
SHA1

e8b6999ec5e85324e6cab86f4e77891a981bff0f
SHA256

873d12203a52935e33cdd71b848dfc910da58acb1ae79063005d30677aaaca4b
SHA512

05ccb12ecbd42b4d0852a5985686bc4626b4eb42fba0702e60b926dcc42747a2a484768aad222bd1b1c919fdc46f154e6774f54753a0fbe2e909b4aa6223bbab
SSDEEP

3072:z06pBYJWsXK/7D7/Wwt2gcTAJTWESmTROZlamZdSGCu7Apz1/nVh:zd4Wl/PbWVmT0TZcGCRlVh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
873d12203a52935e33cdd71b848dfc910da58acb1ae79063005d30677aaaca4bN

Files

873d12203a52935e33cdd71b848dfc910da58acb1ae79063005d30677aaaca4bN
.exe windows:4 windows x86 arch:x86

52d0a4c4bb6edf3b12030458917201d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
SetConsoleMode
GetConsoleMode
GetStdHandle
Sleep
SetConsoleCtrlHandler
IsDBCSLeadByte
GetFileType
GetStartupInfoA
WideCharToMultiByte
FlushFileBuffers
GetModuleHandleA
CreateFileA
GetStringTypeW
SetFilePointer
GetTimeZoneInformation
ReadFile
GetStringTypeA
LoadLibraryA
GetProcAddress
CloseHandle
HeapFree
HeapReAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetLocaleInfoA
SetEndOfFile
LCMapStringW
LCMapStringA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
GetModuleFileNameA
GetLocalTime
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedIncrement
VirtualAlloc
GetACP
GetOEMCP
SetHandleCount
HeapDestroy
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
SetStdHandle
InterlockedDecrement
HeapCreate
VirtualFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection

odbc32

ord19
ord6
ord14
ord9
ord1
ord10
ord2
ord41
ord15
ord50
ord42
ord3
ord16
ord18

odbcbcp

ord11
ord9
ord15
ord12
ord1
ord8
ord4
ord16

user32

wsprintfA
LoadStringA

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52d0a4c4bb6edf3b12030458917201d4

Headers

File Characteristics

Imports

kernel32

odbc32

odbcbcp

user32

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 76KB - Virtual size: 76KB