ed275b1e7068dfebcc9228311425fc68337785a4ee37b505dadc02b53fb0b16f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed275b1e7068dfebcc9228311425fc68337785a4ee37b505dadc02b53fb0b16f
Size

283KB
MD5

11f2ed158cf6f8f7ec6bb555342c853d
SHA1

146b253304224552b972f77dc8108c5d2564e760
SHA256

ed275b1e7068dfebcc9228311425fc68337785a4ee37b505dadc02b53fb0b16f
SHA512

71bd319c6f8281aeee23244236f56a1cfbb56bfb1ed006f76a35ea604cd2c86a92a4105024e8f000388b61bc1764a4997e34ec2d8d1df2623220c69b84e3e5c5
SSDEEP

6144:0+VMPYC9fsfD/Lk09Wed9FB68Apt0TZwTE96hSPbOTsEyNsT1xV+Q:nMPyA0dd9Fw/0Vwg9yX8U+Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed275b1e7068dfebcc9228311425fc68337785a4ee37b505dadc02b53fb0b16f

Files

ed275b1e7068dfebcc9228311425fc68337785a4ee37b505dadc02b53fb0b16f
.dll windows:5 windows x64

5062876e350c31fd2eafdfa1f56716ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

UnhandledExceptionFilter
GetModuleHandleA

user32

GetActiveWindow
CreateCursor

comdlg32

GetOpenFileNameW

shell32

DragFinish
ShellAboutA

oleaut32

SysAllocString

shlwapi

PathFindFileNameW

advapi32

RegCloseKey

Exports

Exports

NsCreateAngel
NsGetAngleName
NsGoodByeAngel

Sections

.data
Size: - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE