26e17da691acfaf1f19c4ac8b6594aeaf128af0a164573b9e7c6c8e77c3640e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26e17da691acfaf1f19c4ac8b6594aeaf128af0a164573b9e7c6c8e77c3640e8
Size

136KB
MD5

e146c146dcfb6e6b12d1b64a598c38e8
SHA1

a59f003f61838bd4a91bc31834d36173fc646764
SHA256

26e17da691acfaf1f19c4ac8b6594aeaf128af0a164573b9e7c6c8e77c3640e8
SHA512

a3574190f796894f3fa486aa9640ca84f8c4c9aa7d4a04942ea3d862984808734c615d5ce1318807ff6cd6ab356833edb0b6e048d832a734fa188376040d980c
SSDEEP

3072:mkCELnoWzwaxY1tmhYmFnfbDBXv9dFVqZ5Q6OIi1S:mkC8nFzDa1aYmtXBXldFV65J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26e17da691acfaf1f19c4ac8b6594aeaf128af0a164573b9e7c6c8e77c3640e8

Files

26e17da691acfaf1f19c4ac8b6594aeaf128af0a164573b9e7c6c8e77c3640e8
.dll windows x86

dceec1d77348b633a7c7220b9274dfc1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

TranslateMessage

gdi32

GetDeviceCaps

winspool.drv

DocumentPropertiesA

advapi32

RegCloseKey

comctl32

ord17

Exports

Exports

commandline
divxmain

Sections

.text
Size: 130KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE