5ab8f94045f14e3cc3eccd26cc7ba026 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ab8f94045f14e3cc3eccd26cc7ba026
Size

922KB
MD5

5ab8f94045f14e3cc3eccd26cc7ba026
SHA1

4126c46f03a5419646d8ac1d4dbbb8ff65cb1091
SHA256

d000a3f10acefdddd6a5688729908f6e5619aaff1beaa4bc8c8d2acbf5b29be3
SHA512

58eab42419c2096131521e0d94a1d986fb9b21a6e2ea16a9e9c3f0c03a29069be8531d346bdb8677f5b46d0c3b03ce0436eb1287ed6739b80e16dbed8dd586bb
SSDEEP

6144:sUMCwgEaVY4ui6BDguLfMbS2KWZbqcnvG+Xw2kDHVNT4CFqR:sUGB4+DgIfR29TvG+Xw2kD16

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ab8f94045f14e3cc3eccd26cc7ba026

Files

5ab8f94045f14e3cc3eccd26cc7ba026
.dll windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kptag4ne
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 664KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

kf1ctt9m
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

db609t9.
Size: - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8giywf9n
Size: 252KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7fi46h8i
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ