3f4d243dac6c542b0554fcbfa4e80b11 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f4d243dac6c542b0554fcbfa4e80b11
Size

164KB
MD5

3f4d243dac6c542b0554fcbfa4e80b11
SHA1

28e9d9f43807d44d0669ec5b4e210a7f599a7be1
SHA256

dc7d347fd2149bc3da3ea9f23559b5aab942d592689684a148c267fbbe9dc56c
SHA512

fe97597ffd07021038ee92129e31549f2bc82ce06dff60dc7615ed38be344fdc14fd46172274a6c590703e92fee371863368fbaecacba142bbd34c19cf318c8b
SSDEEP

3072:1BzaQfhZsOjISMM/mLMWzcDp+2hCG7DZdT0n6MbrmoB2hU:jaQf1I6/mZccg7DzAb6m2h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f4d243dac6c542b0554fcbfa4e80b11

Files

3f4d243dac6c542b0554fcbfa4e80b11
.dll windows:4 windows x86 arch:x86

a7792d432f8236a123bf4349321c9b74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaBoolVar
__vbaCastObj
__vbaCopyBytes
__vbaCyErrVar
__vbaCyInt
__vbaCySgn
__vbaAryVarVarg
__vbaDerefAry
__vbaErase
__vbaEraseKeepData
__vbaFailedFriend
__vbaFileCloseAll
__vbaAryLock
__vbaCyVar
__vbaAryCopy

user32

CreateIconFromResourceEx
DestroyCaret
DrawIcon
EndDialog
GetDlgItem
GetFocus
LoadImageA
OemToCharA
ShowWindow
CreateDialogParamA
CreateAcceleratorTableA
CharToOemA
BeginPaint
CloseWindow

kernel32

GetModuleHandleA
VirtualFree

dinput

DirectInputCreateW

Exports

Exports

Bltvtjcgy
Ulhkbubbmez

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ