3fa72a4845678721ff40545adad36a588f3310f1eea2b17a92a418239cd1ba63

Sharing

Copy URL

Twitter E-mail

General

Target

3fa72a4845678721ff40545adad36a588f3310f1eea2b17a92a418239cd1ba63
Size

976KB
MD5

d4c96b73f7595265ecb8093c0ba19ff8
SHA1

3a7edeae6d6d9b3353d581a72f36eb1776b07079
SHA256

3fa72a4845678721ff40545adad36a588f3310f1eea2b17a92a418239cd1ba63
SHA512

ab8242d638667949487ad31bb3ce99bfc78c4a1dc7b6919c11cd5fb69c360fa260498fe0ec07f0385b49b7b5e7fb8836aab7a308102c68a903132a12c45ae626
SSDEEP

24576:pEYLw0LCji87ffZVc4VIhOEtbLWUtVS+p7da0S3II3CeJdU8dYx/RLfVPh:pijiifZVWfssRtS373Cef6tfVPh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
3fa72a4845678721ff40545adad36a588f3310f1eea2b17a92a418239cd1ba63

Files

3fa72a4845678721ff40545adad36a588f3310f1eea2b17a92a418239cd1ba63
.dll windows:4 windows x86 arch:x86

976dc18d1dc298495e3b31bb95932599

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

b:\source\source.RR\56818\Release_OleDB_45\Wx\Win32\Release\wd180oldb.pdb

Imports

msvcrt

_onexit
__dllonexit
_adjust_fdiv
_initterm
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_CxxThrowException
__CxxFrameHandler
_except_handler3
wcsftime
setlocale
_atoi64
atof
strstr
wcstok
vswprintf
_fcvt
realloc
_vsnwprintf
_vsnprintf
strchr
memmove
_itow
_itoa
atoi
_lfind
time
wcsrchr
wcsncpy
wcscpy
wcscat
swscanf
_wtoi
qsort
iswspace
wcsstr
wcsncmp
isalpha
wcschr
_wcsnicmp
swprintf
calloc
strncpy
wcscmp
_purecall
memcmp
malloc
??2@YAPAXI@Z
??3@YAXPAX@Z
free
wcslen
_wcsicmp
bsearch

kernel32

LoadLibraryA
InterlockedExchange
LocalAlloc
lstrlenA
FreeLibrary
GetDriveTypeW
GetFullPathNameW
DeleteFileW
Sleep
CreateFileW
GetVersionExW
SetLastError
SetErrorMode
GetModuleHandleW
SetEndOfFile
FlushFileBuffers
UnlockFileEx
UnlockFile
LockFileEx
LockFile
SetFilePointer
ReadFile
WriteFile
CloseHandle
GetVolumeInformationW
GetLogicalDriveStringsW
GetFileInformationByHandle
LoadLibraryW
GetLastError
RaiseException
InterlockedDecrement
GetProcAddress
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedExchangeAdd
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FormatMessageW

oleaut32

SysAllocString
VariantChangeType
SysFreeString
SysStringLen
VariantInit
VarDecRound
VariantCopy
VarCyFromDec
VariantClear
SafeArrayCreate
SystemTimeToVariantTime
VariantTimeToSystemTime
VarBstrFromDec
VarDecFromStr
SysStringByteLen
SysAllocStringByteLen
GetErrorInfo
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayAccessData
VarDecCmp

Exports

Exports

CommandeComposante
Execution
TermLibrary
bDLLCompatible
bInitLibrary
bInitWLCalcFromVM
bInitWLConvFromVM
piQueryInterface

Sections

.text
Size: 548KB - Virtual size: 547KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

976dc18d1dc298495e3b31bb95932599

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 548KB - Virtual size: 547KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 52KB - Virtual size: 50KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 548KB - Virtual size: 547KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 52KB - Virtual size: 50KB

.text
Size: 112KB - Virtual size: 112KB