0f13eb8fefbf811106564f9e56879fffe283bb4feabf609a9c5acf2f2abcd107 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f13eb8fefbf811106564f9e56879fffe283bb4feabf609a9c5acf2f2abcd107
Size

37KB
MD5

989a34568425eb4194436b05d49b8f29
SHA1

9e73a1d6ccaedd2e3c66379c71e18eff8b825ebd
SHA256

0f13eb8fefbf811106564f9e56879fffe283bb4feabf609a9c5acf2f2abcd107
SHA512

8fa87b7eb01589f991097b1f74c5073e7b012f00ee4a40a6bb0d631b0b0ce3d85bdaf17e8d3141c0b8132fb2f8677267c08b60b5b54e79e03c61d5bc31bbdff5
SSDEEP

768:Rhw1Y4kFbGDQa6db+yHD17d5N07ePGHYWf0uPjlU/GzU:RdFaDSdb+AD1Rdw4uPjG/gU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f13eb8fefbf811106564f9e56879fffe283bb4feabf609a9c5acf2f2abcd107

Files

0f13eb8fefbf811106564f9e56879fffe283bb4feabf609a9c5acf2f2abcd107
.dll windows x86

d15c96e985cc117cd92a49ea87ffa53b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

timeGetTime

mfc42

ord818

msvcrt

??1type_info@@UAE@XZ

user32

GetCapture

gdi32

GetTextMetricsA

comctl32

_TrackMouseEvent

ole32

CreateStreamOnHGlobal

olepro32

ord251

oleaut32

SysFreeString

gdiplus

GdipGetImageHeight

msvcp60

?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

Exports

Exports

CreateVideoWindow
ReleaseVideoWindow

Sections

.text
Size: 29KB - Virtual size: 792KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE