30dac3eb76cc2c408af407a69d475359 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30dac3eb76cc2c408af407a69d475359
Size

85KB
MD5

30dac3eb76cc2c408af407a69d475359
SHA1

de939b150b6a65c118f888506019a89ce5b2efc8
SHA256

ddbdb8d03ef0af1c1bccffee36cb67a2c2e6a0d66e68c3cda71a967165c3aafc
SHA512

bc1dfe6e0dc6ffebdd9c5cb1f8b60de94072b702bc7c2c1692b2f824891d08b50919b266bde7c4c63cb6964c5aa3446518962d1b86f54aa9bbbcd1b6c40a01c3
SSDEEP

1536:unKcWM7jI23VQXwSzi/e7soTEp17Th3tIR465V4iKN9K5BLy/Up:gKcWR2lHe7SphTh+R42V4iuIjy/U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30dac3eb76cc2c408af407a69d475359

Files

30dac3eb76cc2c408af407a69d475359
.dll windows:4 windows x86 arch:x86

64ddf3e96796c401754f56e099fef648

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
GetCommandLineA
GetCurrentThreadId
GetModuleHandleA
GetVersionExA
HeapAlloc
HeapCreate
LeaveCriticalSection
SetFilePointer
lstrlenA

advapi32

GetAuditedPermissionsFromAclW

setupapi

SetupDiGetDeviceInstallParamsA
SetupGetFileCompressionInfoExW

user32

GetKeyboardLayoutNameW
GetThreadDesktop
GetClipboardData

Sections

.text
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ