11cd1d14254a165f73bafe37aaaad86d7d7bfd4114dc31b3efeae088fa27a428 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11cd1d14254a165f73bafe37aaaad86d7d7bfd4114dc31b3efeae088fa27a428
Size

1.0MB
MD5

f3623094912dda6e4acdf3295fd43f49
SHA1

b1e5dd738d81c0eaa54fea8655cfc21bbcd5db37
SHA256

11cd1d14254a165f73bafe37aaaad86d7d7bfd4114dc31b3efeae088fa27a428
SHA512

a67c70e1cc7c0940f9f833e44d2661bbd5eca54e3cafb09b04243a3aa47a760867bce9b2ce81fa5f65ec9a1d84bf9669dd60682fa6b610483e4880656d49cbb0
SSDEEP

12288:rssj2/NZ8HXlgf2At09vCfGCJ3i+GQhDGS2+/asq1UYI3wQtO4Kie/nw8SIjTdvd:r5j2Eqf2Atje2aa/k1M3wQg4KxnwaHF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11cd1d14254a165f73bafe37aaaad86d7d7bfd4114dc31b3efeae088fa27a428

Files

11cd1d14254a165f73bafe37aaaad86d7d7bfd4114dc31b3efeae088fa27a428
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

SetHook
get_canshu_dz

Sections

CODE
Size: 882KB - Virtual size: 881KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 12.8MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 94B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ