3dc2d8c1d2c872e6fd8d738593a9b602 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dc2d8c1d2c872e6fd8d738593a9b602
Size

115KB
MD5

3dc2d8c1d2c872e6fd8d738593a9b602
SHA1

5a45d71f02549782d330deb1bc32df09a721373c
SHA256

bccf4f3ffdbdc4f828ed55ad0bc591210150d789cdb58496f33402c3371b51c0
SHA512

3cb4ebc0bac9ef51225a5161d9ccaaf8b14d769ee17b99df169e3f212c08b1df038c1e1e2ebe4d0d45a3614035f073689c0ea9c719e0df565de46a235b4e30d4
SSDEEP

1536:juJNHYKFVrFLwt8V4K5o4Ywkl+dVd9zeM0jPV979/gWhW7zZgX4+2zhkk:jepYU5F+8O84wkl+Dzyj/s7zCN+hB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dc2d8c1d2c872e6fd8d738593a9b602

Files

3dc2d8c1d2c872e6fd8d738593a9b602
.dll windows:5 windows x86 arch:x86

c6348d6a371beae5ce46f63fbe1b9937

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
LoadLibraryA
VirtualAlloc
lstrcmpiA
TerminateProcess
GetCurrentProcess
GetProcAddress
SizeofResource
DeleteFiber
IsBadReadPtr
CancelTimerQueueTimer

user32

CheckMenuRadioItem
IsCharLowerA
DefDlgProcA
AnimateWindow
CallMsgFilter

gdi32

CreateCompatibleDC
StrokePath
CreateFontW
EndPath

Exports

Exports

iwzrbomwv
mwbzwjascjwtfsm
uvsdkvnv

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ