e8b131157ec417a4b5f9459352111bb6646e8fe12ba7deb58b604cad88a8420d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8b131157ec417a4b5f9459352111bb6646e8fe12ba7deb58b604cad88a8420d
Size

17KB
MD5

c51a591f62e121269ee95ad9399ecabf
SHA1

829c0cf5852e0e3fd2562b63595c282a054b0edd
SHA256

e8b131157ec417a4b5f9459352111bb6646e8fe12ba7deb58b604cad88a8420d
SHA512

39d3f001974943678f6d91cd6dbef8d4eb0afede1d0d47e37e35a102b9d7aae8962510e642fe4649a48b7a7da2e49334438636719ab8be94d9c0dec49cb74684
SSDEEP

192:nDqeRwdb3enG2RxnSGzTcb7dYMnW0TYxm2pXEz4JWaULI7kbSHkFQc3psZ/Q99gy:DqzdeGQ/TcFPnW0wp0tekWo5s5eGZvXI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8b131157ec417a4b5f9459352111bb6646e8fe12ba7deb58b604cad88a8420d

Files

e8b131157ec417a4b5f9459352111bb6646e8fe12ba7deb58b604cad88a8420d
.dll windows x86

655be6d4b6825ae7c96140c054e1ac0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegQueryValueExW

user32

GetKeyboardType

Exports

Exports

AssembleApplication
AssembleModule

Sections

.text
Size: 11KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE