0b749242437c937a0e42e3060d5327b4d509c182fe8cc70c8623c77809534123 | Triage

Sharing

General

Target

0b749242437c937a0e42e3060d5327b4d509c182fe8cc70c8623c77809534123
Size

17KB
MD5

1ef300396d337e16402f01951e304d9f
SHA1

f1ec52cd1192bbf596b330fe5d1996fc2ee2ed20
SHA256

0b749242437c937a0e42e3060d5327b4d509c182fe8cc70c8623c77809534123
SHA512

fb7c9c0f6cca933e1f54e96fd135cff81f10713fe342a50d1475f261d8415ecb79da30f4942d973fedda2845b6c5508d1be08ece46a7f02aeca22502cf6ac435
SSDEEP

192:nDqeRwdb3enG2RxnSGzTcb7dYMnW0TYxm2pXEz4JWaULI7kbSHkFQc3psZ/Q99gK:DqzdeGQ/TcFPnW0wp0tekWo5s5eGZvXc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b749242437c937a0e42e3060d5327b4d509c182fe8cc70c8623c77809534123

Files

0b749242437c937a0e42e3060d5327b4d509c182fe8cc70c8623c77809534123
.dll windows x86

655be6d4b6825ae7c96140c054e1ac0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegQueryValueExW

user32

GetKeyboardType

Exports

Exports

AssembleApplication
AssembleModule

Sections

.text
Size: 11KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE