daaa73b9fdad471478fd163f1e50a37ceee19463bdcfc6fc8689bf1543c5795d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

daaa73b9fdad471478fd163f1e50a37ceee19463bdcfc6fc8689bf1543c5795d
Size

314KB
MD5

9625fb53cba895bc0673d28d9c1454b2
SHA1

7c64a00c4b56b473fefec5ac892e0d76ef601ea5
SHA256

daaa73b9fdad471478fd163f1e50a37ceee19463bdcfc6fc8689bf1543c5795d
SHA512

12f7bd6699352ecd27aed409841f4958f979516c00b5dd6f074dace421a1bad636d7b2e8b510c5f99385e69d07a176d6eb5495e87f833a736f8b5ae2dbcc4cc0
SSDEEP

6144:GpuuVJ891PuLPHy1nAbzY1PxQLK0p65N+qVhUfxY63KwqYyDE9f+7SKd5:GpRVJg0onAo1PxQHA5Mz1qJDGfKHd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daaa73b9fdad471478fd163f1e50a37ceee19463bdcfc6fc8689bf1543c5795d

Files

daaa73b9fdad471478fd163f1e50a37ceee19463bdcfc6fc8689bf1543c5795d
.dll windows x86

c8fd27424ae1c7678dd6ea071c814c4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

wsock32

inet_addr

mfc42

ord823

msvcrt

printf

user32

DrawFocusRect

gdi32

GetStockObject

shell32

SHGetPathFromIDListA

comctl32

_TrackMouseEvent

msvcp60

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

h264play

ord104

Exports

Exports

Config_GetRect
Config_Init
Config_MoveWindow
Config_Refush
Config_SetCallback
Config_UnInit
Config_languageInit

Sections

.text
Size: 299KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE