b710781ab31fdb93e5ee4e9b1e58b543c34f28cb7db74698b0a2b4a09f93f867 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b710781ab31fdb93e5ee4e9b1e58b543c34f28cb7db74698b0a2b4a09f93f867
Size

173KB
MD5

c257e8963ae910dc7d2769b4f90b24e3
SHA1

f94fb56d5044bb8977a6d9909743b12cf17f135f
SHA256

b710781ab31fdb93e5ee4e9b1e58b543c34f28cb7db74698b0a2b4a09f93f867
SHA512

42044982421206d7999a3b09080a43ad74b0ec4d2211a409a29738d08f81786f56ead01d58718aa35a5b581604146c58778cf5037bbd6d37fca17cbfbda8d6a8
SSDEEP

3072:tbf31g1UmfeNgEsYaLDL6PuGrdrUp1pyjE0rASnWNRlqU0BcYEfGAeuISKydYt:tT21UmfeNFsYaLzGxU1UjDVWNRlqUSxK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b710781ab31fdb93e5ee4e9b1e58b543c34f28cb7db74698b0a2b4a09f93f867

Files

b710781ab31fdb93e5ee4e9b1e58b543c34f28cb7db74698b0a2b4a09f93f867
.dll windows x86

25c60a12b6a13998325851ab78713d18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetWindowThreadProcessId

gdi32

CreateFontIndirectA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

ExtractIconA

shlwapi

PathFindExtensionA

ole32

ReleaseStgMedium

oleaut32

SafeArrayDestroyData

guide_play

ord13

Exports

Exports

NP_GetEntryPoints
NP_GetMIMEDescription
NP_Initialize
NP_Shutdown

Sections

.text
Size: 166KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE