42c4f008837534e23779253a2261b780 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42c4f008837534e23779253a2261b780
Size

311KB
MD5

42c4f008837534e23779253a2261b780
SHA1

35d69f371943de658f22063016b5ac525fd77edf
SHA256

6bfdee9f502682e6bca21e628a45808a6074cd7cfffa9066027b965acbe02268
SHA512

9445a9af096e1c0ff74263c6507541a3ad4a5c474851a1946ea6f2185a09d3fe2f4634c46d00e31f2ee8648a5e5a479c1178f0d5e28423ff472eae8a9225370b
SSDEEP

6144:xHv0S9b0mp/HKla2s2F9U+Lwj52FEsQ8icibBi1nXVacW:xP0Svp/HWaN2FG+12F5g1XVaT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42c4f008837534e23779253a2261b780

Files

42c4f008837534e23779253a2261b780
.dll windows:4 windows x86 arch:x86

eacacca747eb2891bed2f1f949849ffa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DestroyMenu
DrawStateA
EnableWindow
DestroyCaret
EndPaint
GetCursor
CreatePopupMenu
CreateMenu
CreateDesktopW
CreateAcceleratorTableA
CharUpperBuffA
EndMenu
CharUpperA

kernel32

SetEndOfFile
LoadResource
GetPrivateProfileStringA
GetLocalTime
EnumResourceLanguagesW
SetLastError

Exports

Exports

DllCanUnloadNow
DllGetClassObject
InitSecurityInterfaceW
LsaApCallPackage
LsaApCallPackagePassthrough
LsaApCallPackageUntrusted
LsaApInitializePackage
LsaApLogonTerminated
LsaApLogonUser
LsaApLogonUserEx
SpInitialize
c
f
o
s

Sections

.text
Size: 68KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 238KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ