16feaaabfdaad0080a5823164a9c0e75 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16feaaabfdaad0080a5823164a9c0e75
Size

60KB
MD5

16feaaabfdaad0080a5823164a9c0e75
SHA1

83a9fdfaf7ad6c8a76f47146b45934a8e155be54
SHA256

bb0202907e3f31ed1be65820c3c6824b7901e7490f0c15db9fb21263b902d0fd
SHA512

0a7c515d91f6287c45b363e0e76b408d3ed1944ce5ddce5f428bfe2ba8acf71161cd89689156404b56b14c2ad7d97dc30b0223f9cd92acb1f851ade230710efe
SSDEEP

1536:HbCVB8MmnQIuPYZaGJkkGrSxHsZWa/F5YUV1tXDM:eDmH6exHONIUV15DM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16feaaabfdaad0080a5823164a9c0e75

Files

16feaaabfdaad0080a5823164a9c0e75
.dll windows:4 windows x86 arch:x86

29f55801a80b99d044a5617061b204f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_vsnprintf

gdi32

BitBlt

user32

GetWindowRect

wsock32

closesocket

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 14KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE