1de4783d5ffd7093e04928a42828ae0c | Triage

Sharing

General

Target

1de4783d5ffd7093e04928a42828ae0c
Size

11KB
MD5

1de4783d5ffd7093e04928a42828ae0c
SHA1

e23b9c151c20c995b92bf82de9ce034bb2f98ee9
SHA256

3bd95de3eaedd9d55a9d90bb0fa17af330eb58b09fc72b620416da41c74fea88
SHA512

2a699ca3692bdc829a10ba92931d8d629ff76323e91ab34267f1b3bb883297af61312456c0e34d19447c3ae641842b28048434aebbebeba5fdad9181987ba55e
SSDEEP

192:mHxngwNJJe5oQT49NcLtGpNgpBPgGz1aocgq3maOR/Qzab5qa0VFRBkJMrfa3Wim:mHCGJJe5o0UE+scgc6gQ5fKFR+JMDiEp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1de4783d5ffd7093e04928a42828ae0c

Files

1de4783d5ffd7093e04928a42828ae0c
.dll windows:4 windows x86 arch:x86

b55a054e6f3ae929367b96b7550a75af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalAlloc
lstrcmpiA
VirtualProtect
VirtualQuery
GetVersionExA
lstrlenA
lstrcpynA
GetModuleFileNameA
GetModuleHandleA
lstrcatA
GetEnvironmentVariableA
lstrcpynW
lstrcmpiW
WritePrivateProfileStringA
lstrcmpA
FreeLibrary
DisableThreadLibraryCalls
GetFileAttributesA
CloseHandle
ReadFile
CreateFileA
LoadLibraryA
FindClose
GetProcAddress
FindFirstFileA
LocalLock
LocalUnlock
LocalHandle
LocalFree
GetPrivateProfileStringA
WideCharToMultiByte

user32

wsprintfA
LoadStringA
LoadStringW
SetWindowLongA
SetWindowLongW
IsWindowUnicode
CallWindowProcA
IsWindow
SetDlgItemTextA
SetWindowTextA
GetDlgItem
MessageBoxIndirectA
SendMessageA
CharNextA
GetDlgItemTextA
CharPrevA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

Exports

Exports

winampGetInModule2

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ