4105d189c1be3767082c2e577a5a4976 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4105d189c1be3767082c2e577a5a4976
Size

174KB
MD5

4105d189c1be3767082c2e577a5a4976
SHA1

2e4f1d0313fc42312ab1e9049fa3442bb0540505
SHA256

f010df5c3a39fa4f397c7bcac0e529630f487714c5c974bf4a3056565c03cbfe
SHA512

e45a0f3b239feb7e1cd105fd0dff6499b335bd90fb59f0d6e167362c2065026e326d4c16d41c3bd1c1bef006f4c69f7ae4d7ff588531f9bbacd5c5419218333c
SSDEEP

3072:nVrXes6hW+d3U9Wsk2tVnIq5j/fzecW6EOdOHatpxIwQ0JycU8lCe:VTeO+d3U9WskYIq5j/L0Od8ajxIwzycf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4105d189c1be3767082c2e577a5a4976

Files

4105d189c1be3767082c2e577a5a4976
.dll windows:4 windows x86 arch:x86

a493a31dd5a77c7d8d2cec26429a6c48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetSaveFileNameA
ChooseColorA
FindTextA
GetOpenFileNameA
GetFileTitleA

kernel32

SetEvent
SetErrorMode
VirtualAlloc
SetFilePointer
GetThreadLocale
IsBadReadPtr
GetCurrentThreadId
ExitProcess
LoadLibraryA

gdi32

GetTextColor
GetPixel
CreateBrushIndirect
CreateDIBitmap
GetBkColor
GetClipBox
GetCurrentPositionEx
SaveDC

user32

GetCursor
DrawTextA
GetMenu
GetWindow
DrawMenuBar
CharLowerA
DrawIcon
EmptyClipboard
DrawIconEx

oleaut32

SafeArrayCreate
SafeArrayGetElement
SysReAllocStringLen
SysAllocStringLen
VariantCopyInd
OleLoadPicture
SafeArrayPtrOfIndex
SafeArrayGetUBound
SysFreeString
SysStringLen

Exports

Exports

_ayyVul
JX6Vw@24
_dwRhp8KAnt
UoZSd8Xc@8
__aAopOg5X

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ