138141c7bfdb8767861c6ba399ea1209a6f0a31f0b5d30f5c8bb3a1980b65632 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

138141c7bfdb8767861c6ba399ea1209a6f0a31f0b5d30f5c8bb3a1980b65632
Size

136KB
MD5

c65b8e2b59591a4cfccfbe1fe83182b5
SHA1

3db63606cc090714b2df95cf253f848b5a623d3e
SHA256

138141c7bfdb8767861c6ba399ea1209a6f0a31f0b5d30f5c8bb3a1980b65632
SHA512

2c4ba9013ef9494ccb7b5000c63a6d0e6c99d35d9b3b5b66bc8f9a02a1b438a2d0434e079c315f65f183d4791cc8819c30571f5e153b9fb8a5d8f13b3aa1c56e
SSDEEP

3072:mkCELnoWzwaxY1tmhYmFnfbDBXv9dFVqZ5Q6OIi12:mkC8nFzDa1aYmtXBXldFV65R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
138141c7bfdb8767861c6ba399ea1209a6f0a31f0b5d30f5c8bb3a1980b65632

Files

138141c7bfdb8767861c6ba399ea1209a6f0a31f0b5d30f5c8bb3a1980b65632
.dll windows x86

dceec1d77348b633a7c7220b9274dfc1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

TranslateMessage

gdi32

GetDeviceCaps

winspool.drv

DocumentPropertiesA

advapi32

RegCloseKey

comctl32

ord17

Exports

Exports

commandline
divxmain

Sections

.text
Size: 130KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE