5d21dcf592a1ae87926490299bb688e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d21dcf592a1ae87926490299bb688e5
Size

160KB
MD5

5d21dcf592a1ae87926490299bb688e5
SHA1

c79f3be4ab0493a91a949d2bf56f6f730bb3871e
SHA256

bd2dee99c38e1c809737f4d83f9cd436340a08212c3355b890d8f4056c923379
SHA512

0edb393468833778f128260edd3da69fa2e9a89fea8bed36360443fa25ee606d182af3cab7da59f75fdbcb488b80afa4d520bfe04eb3025a7c95eede6cd7681a
SSDEEP

3072:0lE4SOorOykU27xsh6zdeVoHrsj6RJEwpdb4Pe9fCKmTigHqm7kaRiRnQR:woOVNmwdeuHrj3Npd8PYfCTRHbcQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d21dcf592a1ae87926490299bb688e5

Files

5d21dcf592a1ae87926490299bb688e5
.dll windows:4 windows x86 arch:x86

ab2d0f13f4980ac2349bda8137166ab9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindResourceA
FreeEnvironmentStringsW
GetACP
GetCommandLineA
GetConsoleCP
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
HeapAlloc
HeapCreate
HeapReAlloc
HeapSize
LoadResource
MultiByteToWideChar
OpenEventA
RtlUnwind
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateThread
UnhandledExceptionFilter

msvcrt

wcscmp
__p__fmode
swscanf
vswprintf
wcscat
_cexit

user32

EnableWindow
EnumChildWindows
ModifyMenuA
DrawFrameControl

oleaut32

VarBstrCmp
SafeArrayAccessData
OleTranslateColor
OleLoadPicturePath
OleLoadPicture
SafeArrayCreate

shlwapi

PathCombineA
PathFileExistsA
PathAppendA
ChrCmpIA
PathGetCharTypeA
SHDeleteEmptyKeyA
SHDeleteValueA
SHEnumKeyExA
PathBuildRootA
SHOpenRegStreamA

Exports

Exports

NxCookClothMesh
ReadEapcfgList
W32N_GetNetCardRegistryPath

Sections

.text
Size: 103KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ