334055dd90a5a269d7c9538e9b9c8cde | Triage

Sharing

Copy URL Twitter E-mail

General

Target

334055dd90a5a269d7c9538e9b9c8cde
Size

214KB
MD5

334055dd90a5a269d7c9538e9b9c8cde
SHA1

71a7c6afe2aada87d389a57f0e2ccc1cadeef1df
SHA256

54347387740ba6be56b0961b5c0d1fd7785211d0a06c4477bc2b2ad731c04e00
SHA512

9d22aec563dde44ae3823b28bd25876a08861c622b19236ca535d9075ae9c84aacfbf0b20144b17ead02b7942fbd0f8e1cb8a8bd836058dd1c73c765d2cd06c6
SSDEEP

3072:YVQPSM10JxRnP5evLbekOr2/lC4LxMuAj7KKacWowUcigXe6ngx4XYRX32:6W+RnB2ekOat97APKUWowUIXexx4Xt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
334055dd90a5a269d7c9538e9b9c8cde

Files

334055dd90a5a269d7c9538e9b9c8cde
.dll windows:4 windows x86 arch:x86

545179dc0cedc718decd99ff2519f29c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

WSACleanup

ole32

CoTaskMemFree

wininet

InternetReadFile

urlmon

URLDownloadToFileA

user32

GetForegroundWindow

gdi32

CombineRgn

advapi32

RegQueryValueExA

shell32

SHGetFolderPathA

oleaut32

SysAllocString

Exports

Exports

Always
EMBLE_DELOP_CODER
GetPlayerVersion
playAdk

Sections

.text
Size: 203KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE