976cf90897582329e4c83402251b029e6e26c6a13f38bfd0dc10f83d70c8a50b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

976cf90897582329e4c83402251b029e6e26c6a13f38bfd0dc10f83d70c8a50b
Size

3.4MB
MD5

19fbeee36d6b353810261bf79321364b
SHA1

3d687ff5525ccae12a001be43ac0cd2948fe13ba
SHA256

976cf90897582329e4c83402251b029e6e26c6a13f38bfd0dc10f83d70c8a50b
SHA512

30e734d41e042f7b51457dc2d5062af7fde424cd8db56be798140b931cd75f069086fa7da719d9e723395f3443ad0297e82521a19ecc6b62748f20e1c9e38cc0
SSDEEP

24576:+y/PXEdZXmvRGoBNcQjW0rZhTS1q+3ucLFqwDKi/009PMqwZ:r/PGm5xFjWYDTsjLFnDb/00

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
976cf90897582329e4c83402251b029e6e26c6a13f38bfd0dc10f83d70c8a50b

Files

976cf90897582329e4c83402251b029e6e26c6a13f38bfd0dc10f83d70c8a50b
.dll windows x86

2b80ba576b62baae211777c51a036c95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

vcruntime140d

__std_type_info_destroy_list
_except_handler4_common
memset

ucrtbased

_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
InitializeSListHead

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ