326b4566f716e2d293ba4a22b5969b63 | Triage

Sharing

General

Target

326b4566f716e2d293ba4a22b5969b63
Size

8KB
MD5

326b4566f716e2d293ba4a22b5969b63
SHA1

3fe0287d9f7e9d2179df97617364a27b7a96f88a
SHA256

7853cf79e362a98c306f3cd5b5fa47a0d9098ed8291dc6d44a3604c540f27cf9
SHA512

3862497d53826e8afd11fa4180bfbbd3b3119fd850661b55afedf132455335bf58fbad7d290fa56ccdc8f03675d9f0f9defc901d9d67870d28f686f39e3565cf
SSDEEP

192:BOS6H7f+cTw84TmAUys282fVHdROB79b:sH7mcw84Ta529ROB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
326b4566f716e2d293ba4a22b5969b63

Files

326b4566f716e2d293ba4a22b5969b63
.dll windows:5 windows x86 arch:x86

455a015e78e2c6c2f3b35318f54da728

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

free
atoi
sprintf
printf
wcscmp
isalnum
_iob
fprintf
malloc
strncpy
strlen
strcpy
memcmp
_beginthread
memchr
_strnicmp

kernel32

GetModuleHandleA
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
SetFileAttributesA
GetProcAddress
GetModuleFileNameA
LoadLibraryA
CloseHandle
Sleep
VirtualProtect

user32

GetKeyState

Sections

.bars
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ