e076a446e65f27b4a6919a427923c61722f11f778a62fb88aff5757c642de618 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e076a446e65f27b4a6919a427923c61722f11f778a62fb88aff5757c642de618
Size

305KB
MD5

fa77d0162ae6ea34272a346b98179e44
SHA1

39a6f2be5204b90e95a85993af971f319bb185f5
SHA256

e076a446e65f27b4a6919a427923c61722f11f778a62fb88aff5757c642de618
SHA512

eec9ee75d7e8203568448d63374b9523f1a450f8966951656f8b18b52e4829b8711ce01ce49c008acb38792bd86486b90f1aaa793212d50fda9e009c1ee2a675
SSDEEP

6144:b4P4VI4yKHDrVHfFoIO/xS+oVCxLm6YdJkhmoZMPGd:LVIPKjrPOEPCLm3+Aq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e076a446e65f27b4a6919a427923c61722f11f778a62fb88aff5757c642de618

Files

e076a446e65f27b4a6919a427923c61722f11f778a62fb88aff5757c642de618
.dll windows x86

37473b2c490fc83460bd0fd4cc8e3fd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

SetParent

gdi32

CreatePolygonRgn

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

inet_ntoa

comdlg32

GetSaveFileNameA

Exports

Exports

ChatInfoManagerDestroy
ChaterInfoMgrQuery

Sections

.text
Size: 294KB - Virtual size: 904KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE