5e9155c2fa8a06a01b49f6c5d404f8bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e9155c2fa8a06a01b49f6c5d404f8bf
Size

196KB
MD5

5e9155c2fa8a06a01b49f6c5d404f8bf
SHA1

da827138df1ee7d114561d5ee57fac5bba8ffac8
SHA256

56a833c59ca513916e5afea83e8f99ce3f6096edd5b4206f4ed49576130f38a0
SHA512

b183153754c86645a71e679add5b07b63f47b31f8c82326e1d2de268838e16547bc4a2cf9e4ae6dd83add3789098032de20574b1f097bea2e7eaab0e54ce81b3
SSDEEP

3072:+h9/gdQXAYXPb5X8n/3fEJAqxNh9pFNeM6CJLWwV2rZWMirPqwGc0TLY7Mv0wSeO:4/FQq18UWq9XT3JLqaSw90Hn63

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e9155c2fa8a06a01b49f6c5d404f8bf

Files

5e9155c2fa8a06a01b49f6c5d404f8bf
.dll windows:4 windows x86 arch:x86

5e2eb45044dd56517daf3dd9d7bc76c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateMutexA
CloseHandle
WaitForSingleObject
ReleaseMutex
FreeLibrary
SetErrorMode
LoadLibraryA
DisableThreadLibraryCalls
GetProcAddress

msvcr71

isupper
strncpy
tolower
_onexit
free
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
_except_handler3
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
__dllonexit
_putenv
_stricmp
strchr
sprintf

Exports

Exports

RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 165KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE