dd1922befabc1184e6b3e4183a97492c5fe7fb60cae7ed299d90012ea3fe3b9e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd1922befabc1184e6b3e4183a97492c5fe7fb60cae7ed299d90012ea3fe3b9e
Size

5KB
MD5

a179a1aed5e3da7f300c83db9aab1d4b
SHA1

85d26420cd345aae9a30138fabfbef8fa5dc9b4d
SHA256

dd1922befabc1184e6b3e4183a97492c5fe7fb60cae7ed299d90012ea3fe3b9e
SHA512

27914412ee0f2d6e2c96d7001840db7b544ff623cd623544a4854ed4c716ee1c4a334fceaf27196243115ec509c70f91cccd094301e95dc1854a7745f6328460
SSDEEP

24:etGSI59omUgu4F/+/fJ3hGRoUU5Ug0RIBOnpV:6yLuzZyRIB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd1922befabc1184e6b3e4183a97492c5fe7fb60cae7ed299d90012ea3fe3b9e

Files

dd1922befabc1184e6b3e4183a97492c5fe7fb60cae7ed299d90012ea3fe3b9e
.dll windows x64

ffe96261dd6b7ddbba14d5b575fe955c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
Sleep
WinExec

user32

MessageBoxA

Exports

Exports

example
start

Sections

.text
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ