1320b32ec139604bbcea3be39ec12bcb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1320b32ec139604bbcea3be39ec12bcb
Size

213KB
MD5

1320b32ec139604bbcea3be39ec12bcb
SHA1

c029e0a0b9f7507c4a1a33967e6263e917c7dfce
SHA256

29ab784b1439d2d26e649bfded2b533fea38a035416163a83c30e4aaee76cf79
SHA512

f3e5bcad307740c3322e7742bf146779181b7866b6d78f0682a6183b634bb0288f874c3eb2346ad8234b93a138319f8eed9d1b275d830418c49da7a83edd6864
SSDEEP

6144:aMvkobG51qEavTd8IpmygWWWWWMt+CJulShUqemf:7Pbi1S8IpcWWWWWtqulShxx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1320b32ec139604bbcea3be39ec12bcb

Files

1320b32ec139604bbcea3be39ec12bcb
.dll windows:5 windows x86 arch:x86

ec2ae054730e61f06310e550e2d7b51c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetWindowPos
AttachThreadInput
DestroyCursor
CharUpperBuffA
CreateCursor

kernel32

CloseHandle
GetStdHandle
OpenMutexW
LoadLibraryW
GetCurrentThreadId
GetProcAddress
GetLocalTime
TzSpecificLocalTimeToSystemTime
ReadConsoleOutputCharacterA
GetTimeZoneInformation
CreateFileW

Exports

Exports

GetInterface
cdb_inquiry
parse_inquiry
response_dump
sense_dump

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ