80a6114edb06d73bf7f8e5b8aa5706d130d6ab64ae91b563389d44ec7754d924 | Triage

Sharing

General

Target

80a6114edb06d73bf7f8e5b8aa5706d130d6ab64ae91b563389d44ec7754d924
Size

136KB
MD5

2029e93846f7f9891f0af315eba95ae7
SHA1

3b1f8f258eaf70a18aa6f7b256a1dee24f24847c
SHA256

80a6114edb06d73bf7f8e5b8aa5706d130d6ab64ae91b563389d44ec7754d924
SHA512

61cf4e7252fbea557ceb73f82d38da7734224e2c9c51f01d51c80a007c5395a86e8af125d9e35ae4b1cc456ca1ea666dcbc3bdc2714b6f923f619c7de0618dfa
SSDEEP

3072:mkCELnoWzwaxY1tmhYmFnfbDBXv9dFVqZ5Q6OIi1H:mkC8nFzDa1aYmtXBXldFV65w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
80a6114edb06d73bf7f8e5b8aa5706d130d6ab64ae91b563389d44ec7754d924

Files

80a6114edb06d73bf7f8e5b8aa5706d130d6ab64ae91b563389d44ec7754d924
.dll windows:4 windows x86

dceec1d77348b633a7c7220b9274dfc1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

TranslateMessage

gdi32

GetDeviceCaps

winspool.drv

DocumentPropertiesA

advapi32

RegCloseKey

comctl32

ord17

Exports

Exports

commandline
divxmain

Sections

.text
Size: 130KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE