5c7dbc364a32e5d905a87c91375dffe2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c7dbc364a32e5d905a87c91375dffe2
Size

152KB
MD5

5c7dbc364a32e5d905a87c91375dffe2
SHA1

17ff02d703ebdd0f55c3aadf9d24023838943d1b
SHA256

a29a061571e03773c151992eea3820300f4c66a8b9ecc7ac1cb37c68eefca146
SHA512

b6c22062d7cec3d25ab9b125dde294610b1ea469ab0ced620143db896658550b44a18ac72f769499074b6b24b9c667130c663e7d79ecbaff79a75414ee5a766d
SSDEEP

3072:SWYQCSu5rKP4MNoel9TOwShULEuYM0zs/ZgQyYIb1T/o:SA5u5rqTClUIuZ/9w/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c7dbc364a32e5d905a87c91375dffe2

Files

5c7dbc364a32e5d905a87c91375dffe2
.dll windows:4 windows x86 arch:x86

44dbb63847183a3f7c379297d8d7ddf2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
CommDlgExtendedError

kernel32

GetModuleHandleW
FindClose
FindNextFileA
GetStringTypeW
FindFirstFileA
EnumResourceLanguagesA
WideCharToMultiByte
ReadFile
WriteFile
SetFilePointer
GlobalHandle
IsDBCSLeadByte
GetModuleHandleA
VirtualProtect
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
GetModuleHandleW
CreateProcessA
GetTempFileNameA
HeapFree
HeapAlloc
LoadLibraryW
InterlockedExchange
Sleep

oleaut32

DispGetIDsOfNames
CreateErrorInfo
OleCreateFontIndirect
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 107KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ