1debc9bb97eee09296d98b3108734b44 | Triage

Sharing

General

Target

1debc9bb97eee09296d98b3108734b44
Size

28KB
MD5

1debc9bb97eee09296d98b3108734b44
SHA1

09dce940470b73debbf91b0d4da885bdb3c91e0d
SHA256

a21245cfde13da26f4f1e651e617767110ed6e1dfc9dc0209d6954e49bf18954
SHA512

7bc3449afd13eefd3672fb64d9646d520141bccb6e0f0ad95882fab061a30a1a6998bb1750a13bcb4314bf532f24902408950bb7ad7069abc69d0b68d3c328bd
SSDEEP

384:IBySWqwQs5mOlIH6RBT2rJzaDPSRfMOHA2m26ORrRm+qYe:I4TIaP6lzaD+MTd+q5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1debc9bb97eee09296d98b3108734b44

Files

1debc9bb97eee09296d98b3108734b44
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

Activate
DllCanUnloadNow
DllGetClassObject
HookProc
Logoff
Logon
Start

Sections

.text
Size: 16KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE