5dbaad49c8811d650c5f75899ef48092 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5dbaad49c8811d650c5f75899ef48092
Size

300KB
MD5

5dbaad49c8811d650c5f75899ef48092
SHA1

3b53684c12de6ae86c0f027edcff11ebe85f0e17
SHA256

3f3de6886c1392aedaaa4451d75fe2c8ddd0411f9fd522dc2b59a7bb37a7a86b
SHA512

7b432fe2a6c9b7971a3cbf39d434e8afb078d18c9cb0feefa4cac60a9555868c1b8403cf812582d6e0d5489543147af60a137c75780937dc4a8aa89e36749ae6
SSDEEP

3072:rbrhtdAat5N+RnU11TlnSzImRFnwA9XyxzH7+7enLr4TruTRrBEHd+1eekese+/R:Pr7Sax8U5nSzhfDCl7UOLMTWRrACmZCg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dbaad49c8811d650c5f75899ef48092

Files

5dbaad49c8811d650c5f75899ef48092
.dll windows:4 windows x86 arch:x86

f9bbfaf43c6ea49a5cfa94ba894e2d76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

abs
exit
strcat
strcpy
abort
strtol
atol
getenv
fprintf
strrchr
_vsnprintf
fflush
_sleep
strftime
localtime
time
strchr
fopen
fclose
isdigit
strncpy
strerror
_errno
sprintf
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
_except_handler3
_setjmp3
memcpy
_snprintf
longjmp
strlen
strncmp
strcmp
_iob
setvbuf
memset
_getpid

kernel32

CreateProcessA
GetLastError
FormatMessageA
GetCurrentThreadId
LoadLibraryA
GetModuleFileNameA
GetProcAddress
DisableThreadLibraryCalls

Exports

Exports

_Agent_OnLoad@12
_Agent_OnUnload@4

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE