2809f956369be9f54424d53ad2b89541 | Triage

Sharing

General

Target

2809f956369be9f54424d53ad2b89541
Size

198KB
MD5

2809f956369be9f54424d53ad2b89541
SHA1

f5cf00fe3722d4071a105130c605908e2cdf9744
SHA256

672a22639a15c5b92dfd122fa3b70e86963c5a800dcccae77c363001e092c36c
SHA512

ed021bfec0b11970ca74b08ed29054a62a0043ef4f454b33c7e1ece55355f7047305f1155af6eef9c5d6e7c6d6739e0dcba37dbc8ac22597b327ffb3c88972aa
SSDEEP

3072:RgB07mGLHISnAgSNN58iPBJntlftRCnR7iOSnKa4yAI2mRt+UYP0:RgB07XW758Qntlfty7i0ayIPWUs0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2809f956369be9f54424d53ad2b89541

Files

2809f956369be9f54424d53ad2b89541
.dll windows:5 windows x86 arch:x86

7974426e93e3579fa102ee19d3f4bf1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegLoadKeyA
RegQueryValueA
RegEnumValueW
RegEnumValueA
RegCreateKeyW
RegDeleteValueA
RegEnumKeyExW

kernel32

OpenFileMappingA
lstrcatA
GetCommandLineA
FreeResource
CopyFileExA
FlushFileBuffers
GetFileTime
GetLocalTime
ExitProcess
GetFileType
FormatMessageA
OpenFile
GlobalFree
DeleteFileW
FindClose
CompareStringA
GetCPInfo
HeapFree
WriteFile
DeleteFileA

user32

DrawTextW
DialogBoxParamA
GetScrollInfo

Sections

.c22a0
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.82b6
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.6f0b
Size: 147KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g511
Size: 1024B - Virtual size: 829B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ