4a2f49f4ee6ee81728c48a823a2d95dbf4fb17a7fe227c5ad5419804a14a8b05 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a2f49f4ee6ee81728c48a823a2d95dbf4fb17a7fe227c5ad5419804a14a8b05
Size

136KB
MD5

3623c38f3a9e2e72a2f3bef39ba82d64
SHA1

fb7abb2cbdd7089b0d06f44b4f9770b170fa0588
SHA256

4a2f49f4ee6ee81728c48a823a2d95dbf4fb17a7fe227c5ad5419804a14a8b05
SHA512

5a60abdc7fc2f4e837ca505bc6195839226da3428921f7238aaa408f1460be0ca4abc21a454895506aa32f2dd4ea17df1f71c260774d256b53ecc45d0192e8c7
SSDEEP

3072:HadLZS8/USZRCF4iB0hfKo5587NklD/ZPQtljEQ7I5:2LZv/USZROQ758p/fj7i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a2f49f4ee6ee81728c48a823a2d95dbf4fb17a7fe227c5ad5419804a14a8b05

Files

4a2f49f4ee6ee81728c48a823a2d95dbf4fb17a7fe227c5ad5419804a14a8b05
.dll windows x86

dceec1d77348b633a7c7220b9274dfc1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

TranslateMessage

gdi32

GetDeviceCaps

winspool.drv

DocumentPropertiesA

advapi32

RegCloseKey

comctl32

ord17

Exports

Exports

commandline
divxmain

Sections

.text
Size: 130KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE