43bbec4788ff4e190c9eb57006fac7e3d71a6e67ec280ce95ef1993fc124b60e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43bbec4788ff4e190c9eb57006fac7e3d71a6e67ec280ce95ef1993fc124b60e
Size

91KB
MD5

628c62811509ab73d3ddfbe62099084d
SHA1

7ff7e652f4255d9ca3565b73bdb4b79baf838d5b
SHA256

43bbec4788ff4e190c9eb57006fac7e3d71a6e67ec280ce95ef1993fc124b60e
SHA512

f1e9e538b5a6a06c4983ed2feac626a9f20c2a2eda096b7a758e59b1c194b24734fc3eb313c8f7f3d6aa12ef10db49c64c7d47e1a518db80b1d4e49a820dd651
SSDEEP

1536:EgwfJFoQDc1+GJtcwYqyyEWwjaeiMIPmb5JnSMTRvkXffC55fh:uRFUMGJj9yxWwjaeirub5JZky5J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43bbec4788ff4e190c9eb57006fac7e3d71a6e67ec280ce95ef1993fc124b60e

Files

43bbec4788ff4e190c9eb57006fac7e3d71a6e67ec280ce95ef1993fc124b60e
.dll windows:4 windows x86 arch:x86

4ec54ec84fb800f7900694fe4075bcf5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

wsprintfA

advapi32

RegSetValueExA

shell32

SHGetSpecialFolderPathA

wininet

InternetOpenA

shlwapi

PathFileExistsA

Exports

Exports

bukeni
jzrundll
jzrundll2

Sections

.text
Size: 85KB - Virtual size: 924KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE