09e1702bd3a3943df6558b59697189a4 | Triage

Sharing

General

Target

09e1702bd3a3943df6558b59697189a4
Size

171KB
MD5

09e1702bd3a3943df6558b59697189a4
SHA1

e904fb6a490977ee570edd9d90c641485c2d9d02
SHA256

8ac447bb7b869b82bfb6a284aac2321ac9d8f12887dc9527f1603f2ef1b07f7a
SHA512

c833b1f44194cf82f5f7d755a059c5f9df735d9a212e3d7cd93fd60d09a9934eb4150378f45f493f281068659c4768ac60c9325177d728aa08d244dfb847b334
SSDEEP

3072:p8/NbdCGRtFq1zkuPczNslVnv70dWg6YIKOGBgmMMmq0yiF5y:p8VlRK1Aal5KWg6+BgmMVFT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09e1702bd3a3943df6558b59697189a4

Files

09e1702bd3a3943df6558b59697189a4
.dll windows:4 windows x86 arch:x86

e7154c684757ed3e21d774767a94c24f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

CreatePenIndirect
GetClipBox
GetCurrentPositionEx

kernel32

VirtualAllocEx
LocalAlloc
CreateThread
CreateFileA
LoadLibraryA
DeleteCriticalSection

msvcrt

wcscspn
sprintf
exit
mbstowcs
clock
calloc
malloc
swprintf
memset
memcpy
_acmdln
memmove
tolower
wcsncmp

user32

GetMenu
GetCapture
IsCharUpperA
GetScrollRange
GetWindow
GetScrollPos
GetScrollInfo
GetSysColorBrush

Exports

Exports

rUMnu@16
j1arxsvltJLDE
_vOW_6d6LKlE
_5IqJS@4
ZSEJpd90TGcJc
_9kxmqOYcHaR
2BF71yMMGOW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ