3baa039d7d1e3bc0bb1a25f25a9f8404 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3baa039d7d1e3bc0bb1a25f25a9f8404
Size

166KB
MD5

3baa039d7d1e3bc0bb1a25f25a9f8404
SHA1

81ab403e96bad77d6863c8c226b8f2e61a1d372a
SHA256

79b8edb738474845a38e8d15ee8cfe7de23509457256a9b515f59c97c19ac163
SHA512

59cedd7c00dcc2e0e1ac847cce5e6cff203c305e3bef0203e9ea2b47f70fe0519a68281e0edcb4d7ddd2f58be2b87e151506ab1b40a50a98cc59953e741e708d
SSDEEP

3072:HGFxlC4WDh0wHTPMFm8w5CKnORb8Q1VY8e9v7sEw/I+8IyMwnY0Qe:HAUKwzPME7ti8Eo9v7sEsZlw3Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3baa039d7d1e3bc0bb1a25f25a9f8404

Files

3baa039d7d1e3bc0bb1a25f25a9f8404
.dll windows:4 windows x86 arch:x86

99413a42797861a351a27f4312a2ab5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
FreeLibrary
GetProcAddress
EnumDateFormatsExA
LoadLibraryA
WideCharToMultiByte
DeleteFileA
GetFileAttributesA
GetTempPathA
GetTempPathW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
LockFile
LockFileEx
UnlockFile

oleaut32

VARIANT_UserFree
CreateErrorInfo
VarUI1FromUI4
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

gdiplus

GdiplusShutdown
GdiplusStartup

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 109KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ