gV276DW[.]~ | Triage

Sharing

Copy URL Twitter E-mail

General

Target

gV276DW.~
Size

1.2MB
MD5

95d20e6a3b9eaf4008cccadb3e894374
SHA1

8b30ee3a94c73c56391f125c9ff95cabe9a6de13
SHA256

c4edb64fd564d9adc736eb027c983e05ebe5d6790e56935f060e97a8fb8a00b3
SHA512

1b6eb4f51ee866e205401195e42f2a585d92d4c268412a8e0b2f32d39072a36ce5d6c0a5db0cd24b3e3e89b5d3f3e0955cda33e700ef7968a8a181862b4beb17
SSDEEP

24576:1VMfXBTaJnDUCLeHIGFphU+oVHhsyMU91ok0YysMJpod8AO:kTeDUCLcbhoVHlfDSYys4pK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
gV276DW.~

Files

gV276DW.~
.dll windows x86

42d0d5cb5866f4a514dbc30f8301c9c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetWindowsAccountDomainSid
MapGenericMask
InitializeAcl
SetNamedSecurityInfoW

msacm32

acmDriverEnum

lz32

LZInit
LZOpenFileW

gdi32

PolylineTo

winscard

SCardListReaderGroupsA

ws2_32

select

msvcrt

memset

imm32

ImmGetConversionStatus

kernel32

CreatePipe
WaitForSingleObjectEx
GetProcessHeap
CreateDirectoryW
GetModuleFileNameW
GetBinaryTypeW
TzSpecificLocalTimeToSystemTime
EscapeCommFunction
GetCommandLineA
OutputDebugStringA

user32

GetForegroundWindow
ToAsciiEx
GetCursorPos
GetDlgItem
MessageBeep
CallNextHookEx
OemKeyScan
CheckMenuRadioItem
GetKeyboardLayout
ShowScrollBar
RealChildWindowFromPoint
SetSysColors
ChangeClipboardChain

Sections

.text
Size: 976KB - Virtual size: 973KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ