5e2eb9a93d794e218e3f5a914b2184b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e2eb9a93d794e218e3f5a914b2184b3
Size

65KB
MD5

5e2eb9a93d794e218e3f5a914b2184b3
SHA1

77adb8534d8720e8260dea37f3d20d1408817790
SHA256

06b2b48b81e5450dc7718d19a508cd94217a5595ed0905d2f2818985df854c3e
SHA512

e20eb120005535b47e52280240cba9a5e0651becebd50b0ddf9f7e527ca0b672099a0d41c09c588540a956cd38ea9a13e7561dc00dabb720a3294c374cccd77a
SSDEEP

1536:1M102MtI6eV4Mxa/RRwHPSeeI6WTicuxAyk3bH8g5VteW:a102Mu6eV5a/GaeedXcw2bHvVteW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e2eb9a93d794e218e3f5a914b2184b3

Files

5e2eb9a93d794e218e3f5a914b2184b3
.dll windows:1 windows x86 arch:x86

1385ea848d68f0180fb14a13e6ec63b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateDirectoryA
DeleteFileA
FindFirstFileA
FindResourceA
FreeResource
GetCommandLineA
GetCurrentThreadId
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetModuleHandleA
GetProcessHeap
GetSystemInfo
GetSystemTime
GlobalAlloc
GlobalFree
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapSize
LoadResource
LocalFree
LocalReAlloc
LocalSize
LockFile
MoveFileA
MoveFileExA
ReadFile
RemoveDirectoryA
ResetEvent
SetCurrentDirectoryA
SetEvent
SetFilePointer
UnlockFile
UnlockFileEx
VirtualAlloc
VirtualUnlock
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrlenA

user32

MessageBoxA

Exports

Exports

CreateProcessNotify

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 81B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ