2fffdddd14b67ebf3238e5a23486dc24abce820b4e57c3e0fe11d3188f1b01f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fffdddd14b67ebf3238e5a23486dc24abce820b4e57c3e0fe11d3188f1b01f4
Size

136KB
MD5

f0e2d86202cc8f27cf748b49a9c09da7
SHA1

480ddca5fdbdc43f898a189a6f7b24fbfb8e98fd
SHA256

2fffdddd14b67ebf3238e5a23486dc24abce820b4e57c3e0fe11d3188f1b01f4
SHA512

26b31f7e7d62cd316142d4992c1ac562ae2d808911febec85846817f83cd8899c52850cd8be7e18f930814f3e8fc59ef23e77a82221a22ba25ad1512f7d48b06
SSDEEP

3072:mkCELnoWzwaxY1tmhYmFnfbDBXv9dFVqZ5Q6OIi10:mkC8nFzDa1aYmtXBXldFV65v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fffdddd14b67ebf3238e5a23486dc24abce820b4e57c3e0fe11d3188f1b01f4

Files

2fffdddd14b67ebf3238e5a23486dc24abce820b4e57c3e0fe11d3188f1b01f4
.dll windows x86

dceec1d77348b633a7c7220b9274dfc1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

TranslateMessage

gdi32

GetDeviceCaps

winspool.drv

DocumentPropertiesA

advapi32

RegCloseKey

comctl32

ord17

Exports

Exports

commandline
divxmain

Sections

.text
Size: 130KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE