5e29aaf349ee65a49a785eb037bf91012237d723290703239add05b6c19956ca | Triage

Sharing

General

Target

5e29aaf349ee65a49a785eb037bf91012237d723290703239add05b6c19956ca
Size

1.4MB
MD5

e5a6a8f4700385599b57715374dd69e6
SHA1

3c79e76be707662fb917394808e090f1cd1dfd55
SHA256

5e29aaf349ee65a49a785eb037bf91012237d723290703239add05b6c19956ca
SHA512

9536c980255e73950984f768d4805ea52bb25822964bbc48db3c2c232ee8672a2e0b76a929bcc82e7897f683e51a85aeaf7efd490e7eb4a3134e994b54e18a80
SSDEEP

24576:bVNc+Q5E4vNwyGnCaid/B++/nbwj7jEE6xUco2o4WNACuLXSDAci7X:bzc+Q5E4vGyGCaid/B+jfEFxvK4WzmSG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e29aaf349ee65a49a785eb037bf91012237d723290703239add05b6c19956ca

Files

5e29aaf349ee65a49a785eb037bf91012237d723290703239add05b6c19956ca
.dll windows x86

7609bd93347d96f953783d63a8f2e0e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memset

advapi32

InitializeAcl
ReportEventW
SetSecurityDescriptorGroup
MapGenericMask

lz32

LZOpenFileA
LZOpenFileW

imm32

ImmGetProperty

user32

GetDlgItem
ChangeClipboardChain
CheckMenuRadioItem
IsWinEventHookInstalled
FreeDDElParam
ToAsciiEx
GetForegroundWindow
SetSysColors
RealChildWindowFromPoint
GetKeyboardLayout
ShowScrollBar
MessageBeep
GetCursorPos

msacm32

acmStreamClose

kernel32

TzSpecificLocalTimeToSystemTime
EscapeCommFunction
CreatePipe
GetBinaryTypeW
OutputDebugStringA
GetModuleFileNameW
WaitForSingleObjectEx
GetLastError
GetProcessHeap
GetCommandLineA

gdi32

EndDoc

ws2_32

select

winscard

SCardFreeMemory

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ