b4349a8c55d2d364e52b485a9da36543afb172ab810bdf9df3d2998daa06e176 | Triage

Sharing

General

Target

b4349a8c55d2d364e52b485a9da36543afb172ab810bdf9df3d2998daa06e176
Size

83KB
MD5

2da3c812ce1c21ca1222ed4b2a0ae7e1
SHA1

fec1e001ef1bd8c69612fa99da9953d4050a2eac
SHA256

b4349a8c55d2d364e52b485a9da36543afb172ab810bdf9df3d2998daa06e176
SHA512

adc5195778f95d83affd3199faf2e4138da193e816eba30dd2abe47a177d368557b96ccae2960a7eeddcaaaf441b6591f32b9cc092bf594588d6ba32b5647755
SSDEEP

1536:iyXi33nrvbsTfvMtExf5strgV9JrnX6VG+GRi35LTapQb:i0WrknMOktrgJoG+GR85/apC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4349a8c55d2d364e52b485a9da36543afb172ab810bdf9df3d2998daa06e176

Files

b4349a8c55d2d364e52b485a9da36543afb172ab810bdf9df3d2998daa06e176
.dll windows x86

d835a0eb1fb00afc0d0b9753e9110e40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

LoadCursorA

gdi32

GetClipBox

comdlg32

GetOpenFileNameA

winspool.drv

OpenPrinterA

advapi32

RegSetValueExA

comctl32

ord17

Exports

Exports

winampDSPGetHeader2

Sections

.text
Size: 76KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE