39cceacb796090b06175f420dc62f10304f4e732430e61aa4e55062babac0545 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39cceacb796090b06175f420dc62f10304f4e732430e61aa4e55062babac0545
Size

176KB
MD5

769b47d7344746b7e49607c658896e0f
SHA1

6888753654264c6ec76cac7adb1a995f9fa11331
SHA256

39cceacb796090b06175f420dc62f10304f4e732430e61aa4e55062babac0545
SHA512

e455f8d7600aa1e21e3d5fb324f1b61e5f1de0d29e6886fe79b2c0e3d493b65dddb29b849836f3ea7c1afc70d86824be2ac17a72b46f3f64be2b7758e196bd84
SSDEEP

3072:D+1hV+YGci4or23xfSej/tIrXGk/peXyrQXl3YyJWrA6sAt7vjQ3yq:D+1hV+YGx4oqhKej/GrXReXT3YyerB7U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39cceacb796090b06175f420dc62f10304f4e732430e61aa4e55062babac0545

Files

39cceacb796090b06175f420dc62f10304f4e732430e61aa4e55062babac0545
.dll windows x86

1a8f62b4e5252c674728e43920e7a470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

shell32

ShellExecuteA

ole32

CoGetMalloc

comctl32

ImageList_SetIconSize

Exports

Exports

DLLRun
HtInit
HtTest

Sections

CODE
Size: 166KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE