1b7409e8b8fbcea48184efbf39634ee4 | Triage

Sharing

General

Target

1b7409e8b8fbcea48184efbf39634ee4
Size

39KB
MD5

1b7409e8b8fbcea48184efbf39634ee4
SHA1

37398d963f63c364ef621ff818525c5b6676ca55
SHA256

7bfba9d35319ecdccd6579277b2c2ed0f1184487a7fde7754cce3339819cdb79
SHA512

dfbc4105876d84ab3f166973a38f53e05b374b519bffc26d8d721a40970937daf3340c706b7957b292321fbe732d23bd95b5bf70ea2a3eea7844abc94ef003f7
SSDEEP

768:leLMi4jAVxAgcQUI3rsEbh20EV0ABAAXm659P6DwoTUPdvD9:ggNjCweY0E2ABJXO5UPRD9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b7409e8b8fbcea48184efbf39634ee4

Files

1b7409e8b8fbcea48184efbf39634ee4
.dll windows:4 windows x86 arch:x86

ff872e7d6574a052eeb7fb94650d75b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateProcessA
ExitProcess
FindResourceA
FreeLibrary
GetACP
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedIncrement
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsFree
TlsSetValue

msvcrt

__getmainargs
__p__commode
__p__fmode
__set_app_type
_stricmp
exit
isdigit

user32

DestroyWindow
EndDialog
GetCursorPos
GetDoubleClickTime
GetKeyState
GetPropA
GetWindowPlacement
KillTimer
SendMessageA

winmm

mmioAdvance
mmioClose
mmioDescend
mmioFlush
mmioSetBuffer
mmioSetInfo
sndPlaySoundA
waveOutGetNumDevs

Exports

Exports

DrawTextWCP_ME
VersionNumberUCScribe

Sections

.text
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ