07b5168fb1cea564acc832c42d42a1ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07b5168fb1cea564acc832c42d42a1ee
Size

6KB
MD5

07b5168fb1cea564acc832c42d42a1ee
SHA1

8bc56c7ea48a2b840bee9d5eded9de2b920f92bf
SHA256

e324abe873169ca329647ea7a27dcac264bb7b54d3e1d5ad4882f45164444c07
SHA512

0ec165842d3a21da3f03b138ec77bc3fc9eeb0affd3ad3ab55a9cb244afe90a62433fff74d6b24a48ba1de3a8d05d2c003a6019ad2250eb0badb97734e484b5f
SSDEEP

48:tM1926EF0zHL5wcdaqiTTyznPVLAjXkX+Cd/fdD7hF60ztMu9zUWigLo:67pEFW9DBnNLLX+CZdD7hF60T9gWV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07b5168fb1cea564acc832c42d42a1ee

Files

07b5168fb1cea564acc832c42d42a1ee
.dll windows:4 windows x86 arch:x86

4bc7c0bed976610a703e588956422b96

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
OpenProcess
WriteProcessMemory
CloseHandle
CreateToolhelp32Snapshot
Module32First
Module32Next
lstrcmpiA

user32

SetTimer
GetMessageA
TranslateMessage
DispatchMessageA
FindWindowA
GetWindowThreadProcessId
KillTimer
GetAsyncKeyState
MessageBeep

Exports

Exports

DllEntry
FREW
LZOO
OUTL
RLDI
ROGU

Sections

code
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 630B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ