1b0848da2c51d28d793e0a4aa94f3906 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b0848da2c51d28d793e0a4aa94f3906
Size

34KB
MD5

1b0848da2c51d28d793e0a4aa94f3906
SHA1

41f8cfa9431fcbbecdb04f8b2c9b39d69bbdb48b
SHA256

6c1deed870194f0234083d0b2980b77300a25e40c28af490b295109db7fe20a4
SHA512

b629c6a95430589ce5ae9ddd77d12817e1a5fc984590a9c8f3445e932f3a6b50e310a6b48546ff2ac436efd8db85291f89e90f82d6606379004e042dd565a7f3
SSDEEP

768:nNqzxOdrByezAkIsxJ5QH9sQv9dNrGSX/Y:nNWqgEAtsxJ5QH+QvFrGSg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b0848da2c51d28d793e0a4aa94f3906

Files

1b0848da2c51d28d793e0a4aa94f3906
.dll windows:5 windows x86 arch:x86

72c847ff566d14f41d587076c83e3faf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
HeapAlloc
WaitForSingleObject
GetTickCount
Sleep
GetSystemDirectoryA
lstrcatA
GetProcAddress
CopyFileA
LoadLibraryA
GetModuleHandleA
CloseHandle
GetTempPathA
CreateThread

user32

CopyIcon
wsprintfA
LoadCursorA

Exports

Exports

Execute

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 601B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 178B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ