58f7de614e56db152175e8407dd1ded2 | Triage

Sharing

General

Target

58f7de614e56db152175e8407dd1ded2
Size

116KB
MD5

58f7de614e56db152175e8407dd1ded2
SHA1

3f8a0a831cc7d0c1e7797d9d233bbba6b37aba69
SHA256

e060b66885b4431572dc166d703aeec4185a5cb388e21f4219379e09910508b4
SHA512

95ce78e12a7359f7941728a2148d8f275f826dc9ffd95809ee803bfdb465620af5e1f0a361e46a00894d69f660dafd38bd6fd4b68b1a45fbd1a5d80c3a2f202d
SSDEEP

1536:cea1sET+HX4hJx4l7pOe+FhgVk+/MiIjnowxisoOF6aSAalEU:cJK8+HX4hupOReV8iygsow6KalEU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58f7de614e56db152175e8407dd1ded2

Files

58f7de614e56db152175e8407dd1ded2
.dll windows:4 windows x86 arch:x86

f23cf37d6be66dcd64ecc9e561df884a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
WriteConsoleOutputA
GetPrivateProfileSectionNamesW
CreateNamedPipeA
GetCommandLineW
GetThreadLocale
GetCurrentProcess
ReleaseMutex
GetSystemDirectoryA
SystemTimeToTzSpecificLocalTime
VirtualAllocEx
IsBadWritePtr
GetProcessShutdownParameters

user32

LoadBitmapW
InvalidateRect
UnregisterClassA
SetMenuItemInfoA
DlgDirSelectComboBoxExA
SetDlgItemInt
GetRawInputDeviceInfoA
RemovePropA
LockWindowUpdate
RegisterShellHookWindow
GetMenuStringA
DlgDirSelectComboBoxExA

gdi32

SetBoundsRect
PolyTextOutA

Sections

.text
Size: 104KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbbs
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ