5857af5898eb5fe08ad73718e26c0751acea0649734e2414472031728b163588 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5857af5898eb5fe08ad73718e26c0751acea0649734e2414472031728b163588
Size

42KB
MD5

0b7af0885483470c28f14486e1652601
SHA1

d4c285b0d9d9dccf3ec3db887358c3d61003dd93
SHA256

5857af5898eb5fe08ad73718e26c0751acea0649734e2414472031728b163588
SHA512

79542169282f7ac28403275e58813e4cd4798f463d65f5ffddae6e577207db2d164f2d7c35e303aea393ed56fb486ae4980940869bcf1c1e14b05d820543955e
SSDEEP

768:j2Lvl4hdO1fFGR0iztNOicCLxzbzvDsyWj6lJPp39bZP+Tv7:jkN1fA/33cCLBLs56Pb9+Tv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5857af5898eb5fe08ad73718e26c0751acea0649734e2414472031728b163588

Files

5857af5898eb5fe08ad73718e26c0751acea0649734e2414472031728b163588
.dll windows x86

e25f84875e45cf7ba7f06b2a8b5acfec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

timeGetTime

mfc42

ord825

msvcrt

??1type_info@@UAE@XZ

user32

GetCapture

gdi32

GetTextMetricsA

comctl32

_TrackMouseEvent

ole32

CreateStreamOnHGlobal

olepro32

ord251

oleaut32

SysStringLen

gdiplus

GdipGetImageHeight

msvcp60

?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z

Exports

Exports

CreateVideoWindow
ReleaseVideoWindow

Sections

.text
Size: 34KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE