06680092b8a3ab6406ac77bd2331d462be666ae58f9dfede2b382d2513ce2147 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06680092b8a3ab6406ac77bd2331d462be666ae58f9dfede2b382d2513ce2147
Size

66KB
MD5

d11744a11023d4cd477284c59255637c
SHA1

9bda13b8383ee02ddb0138f54acd880bfd281162
SHA256

06680092b8a3ab6406ac77bd2331d462be666ae58f9dfede2b382d2513ce2147
SHA512

7eb99c0b0a8bb2f045b73af2d93d17a08bec6ebea64fac2f27a8a23ac3b94f904dfc02eab5dcf2faaa3789c149ee39ed868dbc189f0476456b248546fd069c3c
SSDEEP

1536:7hfDVTcNZTRNOaoS10CvMoTxppTxNjr2qeaz7Tk97nLc867iMr:7lBTEZTR4Q0CjTzpTxlniFJ67iMr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06680092b8a3ab6406ac77bd2331d462be666ae58f9dfede2b382d2513ce2147

Files

06680092b8a3ab6406ac77bd2331d462be666ae58f9dfede2b382d2513ce2147
.dll windows:5 windows x86 arch:x86

1a4b380f0031c785b55db6b412d7e746

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

TranslateMessage

gdi32

Escape

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

comctl32

ord17

Exports

Exports

commandline
divxmain

Sections

.text
Size: 59KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE