aee1d02d1d2a22610d3c7f9ab4dc78f1d2ff27c1c3b3dc663faf7fd3795c110d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aee1d02d1d2a22610d3c7f9ab4dc78f1d2ff27c1c3b3dc663faf7fd3795c110d
Size

1.2MB
MD5

f81fc87a82e628512761653d103abfba
SHA1

7e0e4ff9fcde5fbbf2ab8f93c713f62aeed2b822
SHA256

aee1d02d1d2a22610d3c7f9ab4dc78f1d2ff27c1c3b3dc663faf7fd3795c110d
SHA512

2dbbc6f75aada85f2822e63b6e481f0df121774a7e737a8df5f182d8092fb3795f9c5ecc3588b072afb6be812ec972447530995af00a956532f971acc8d67e1f
SSDEEP

24576:/UfSTftFFjRTF4i1tzk1j7Ega3aqyF2Du8OnTXreGiq/bXD:sEF9FLto1q3ty868QbLl/rD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aee1d02d1d2a22610d3c7f9ab4dc78f1d2ff27c1c3b3dc663faf7fd3795c110d

Files

aee1d02d1d2a22610d3c7f9ab4dc78f1d2ff27c1c3b3dc663faf7fd3795c110d
.dll windows x86

e790e0d3ab654f3eb6de57cd8c3a7ade

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetSystemPaletteUse

advapi32

ConvertToAutoInheritPrivateObjectSecurity
RegEnumKeyExW
MapGenericMask
InitializeAcl

lz32

LZInit

msvcrt

memset

winscard

SCardSetCardTypeProviderNameW

imm32

ImmSetCompositionStringW

kernel32

OutputDebugStringA
EscapeCommFunction
CreatePipe
GetCommandLineA
TzSpecificLocalTimeToSystemTime
GetProcessHeap
WaitForSingleObjectEx
GetModuleFileNameW
GetBinaryTypeW

ws2_32

select

msacm32

acmStreamUnprepareHeader

user32

MessageBeep
ChangeClipboardChain
SetSysColors
ToAsciiEx
GetCursorPos
LoadKeyboardLayoutW
GetClipboardFormatNameA
CheckMenuRadioItem
GetKeyboardLayout
GetForegroundWindow
GetDlgItem
RealChildWindowFromPoint
ShowScrollBar

Sections

.text
Size: 984KB - Virtual size: 980KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ