44ae481d3909d8108f5369ad1c92e97c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44ae481d3909d8108f5369ad1c92e97c
Size

15KB
MD5

44ae481d3909d8108f5369ad1c92e97c
SHA1

a198a1f955f0909f5a90df89f372a9b7be60386e
SHA256

26b5c75ab6d71b173c79a898da9bc6994bc2f09517ed33140134305ff220bfbe
SHA512

0867a435346a890d9612e82fd5439361e684a058c997080a1ba6244258fe12b5e36d4adb85b8861f6fc53928e6c4b4de7e748799cd532cde66b1a7ff8bb56f11
SSDEEP

384:qaL5sfRY5fPPRsjz4OegKHeuRir6qSAvB+Q:qu5scPR2ruRG6qD5+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44ae481d3909d8108f5369ad1c92e97c

Files

44ae481d3909d8108f5369ad1c92e97c
.dll windows:4 windows x86 arch:x86

b4229c67473391d880f333f42f611455

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CallWindowProcW
RegisterClassExW
ReleaseDC
RegisterDeviceNotificationA
IsWindow
IsRectEmpty
InvalidateRect
GetDC
DefDlgProcA
DdeDisconnect
DdeCreateDataHandle
DdeAddData
wsprintfA

kernel32

GetProcessHeaps
lstrcatA
SystemTimeToFileTime
SleepEx
Sleep
RtlMoveMemory
OpenMutexA
LoadLibraryExA
LoadLibraryA
InitAtomTable
GlobalFree
GlobalAlloc
AddAtomA
Beep
BeginUpdateResourceA
CloseHandle
CreateThread
DeleteAtom
DeviceIoControl
ExitProcess
ExitThread
FlushViewOfFile
FreeResource
GetCommandLineA
GetTickCount
GetSystemTime

gdi32

BitBlt
CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetDeviceCaps
GetGlyphIndicesA
SelectObject

Exports

Exports

allhyb

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ