a35e198c3128e677c6971015b6c5294c98360bd7c2d1d820c088734f49779775 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a35e198c3128e677c6971015b6c5294c98360bd7c2d1d820c088734f49779775
Size

1.4MB
MD5

f878075501e5f5798079783d4f39ad7e
SHA1

99ceb5e6f4d5e9b0592ddbb47fed7c915f008005
SHA256

a35e198c3128e677c6971015b6c5294c98360bd7c2d1d820c088734f49779775
SHA512

d618256496fe248a17e4c3cf86661f65b2978d6a6767b5708d8df44116eae33515d2b5c2b86a7a27f650aa5a4824d23cee82e5a89fd5cc39671d73e941180baa
SSDEEP

24576:QT05LOBROwIHjmCXW1WvzjRtG6wQ6O9+ytWBS8w:QIA8wAXKMfR0lQ6OP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a35e198c3128e677c6971015b6c5294c98360bd7c2d1d820c088734f49779775

Files

a35e198c3128e677c6971015b6c5294c98360bd7c2d1d820c088734f49779775
.dll windows x86

8e4f7aeb74cd161b608dc6b31d35af3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memset

shlwapi

StrFormatByteSizeW

ws2_32

select

winscard

SCardGetCardTypeProviderNameA

msacm32

acmGetVersion

ole32

CoFreeUnusedLibraries

gdi32

SetTextCharacterExtra
GetDIBits
GetPath
FloodFill
SetGraphicsMode

kernel32

GetHandleInformation
PulseEvent
GetSystemDefaultLCID
GetProcessHeap
GetModuleFileNameW
GetBinaryTypeW
OutputDebugStringA
SetConsoleCursorPosition
WaitForSingleObjectEx
PurgeComm

lz32

LZClose
LZOpenFileA

advapi32

CryptEnumProvidersW
RegDeleteKeyW

user32

CreateMenu
SendDlgItemMessageW
GetClipboardViewer
GetCursorInfo
InSendMessage

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ