c7ed6a387d084209de390818d61904600cc1fbb75f051d8111bd2c87d28201de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7ed6a387d084209de390818d61904600cc1fbb75f051d8111bd2c87d28201de
Size

72KB
MD5

c5dd575a7ce270e85b1beb9bf5fee5cf
SHA1

bcd87f6d1a73b03e0a394f58e359d41a115cb2fd
SHA256

c7ed6a387d084209de390818d61904600cc1fbb75f051d8111bd2c87d28201de
SHA512

33fc5d45d5d37b3c81f06690b8a60334fee6f41c053eedf5fdd0db2a4a49bee6a5da6d5bf7e85d2c6b286051cac42adf01f09cb5568c339b5db6abf5f812df53
SSDEEP

1536:X2sZzUPvMUkHuj8fEo1CdXVG58r3RFmW4PwskMUl:mKzUP0UkHis51Ctf3DYIqs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7ed6a387d084209de390818d61904600cc1fbb75f051d8111bd2c87d28201de

Files

c7ed6a387d084209de390818d61904600cc1fbb75f051d8111bd2c87d28201de
.dll windows x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

Sy_Get
Sy_Initialize

Sections

.text
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ