6077c49752f648b305a408e95caa6886 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6077c49752f648b305a408e95caa6886
Size

362KB
MD5

6077c49752f648b305a408e95caa6886
SHA1

79fa0f5c50410ea0f3dfdbcb61729946c1004058
SHA256

cffacc2ed4411ae97f66e91d1b16ecda12377bddc6d5ee64aeb01e023b00664b
SHA512

53d708cf2f053e81fbf486b89be2e31a2d4dd74d0ae2c7529785422146db55ba74dbdc35c15ac049c16e052fc4aeb44058e74cb09d17b74d5e48f71719e85cc3
SSDEEP

6144:FwQbw7dvTT1KdgPZ2u9PB33beHjKgWRWYzYxnIy/YnGRuXLatq+B2+XkCoZHT:FwQbwZv4czw4RW9nj/RJxXyd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6077c49752f648b305a408e95caa6886

Files

6077c49752f648b305a408e95caa6886
.dll windows:4 windows x86 arch:x86

21cb76181e4d76ecb220b914bffd1e02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DrawStateA
DialogBoxParamA
DeleteMenu
CreateMenu
CreateDialogParamA
CreateDesktopW
CreateAcceleratorTableA
CopyRect
CopyImage
CharNextA
CharLowerA

kernel32

EnumResourceLanguagesW
lstrcpynA
lstrcpyA
lstrcmpA
Sleep
RtlUnwind
OpenFileMappingA
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GetPrivateProfileStringA
GetModuleHandleA
CloseHandle
CompareStringA
EnterCriticalSection
EnumResourceLanguagesA
FindResourceA
FreeResource
GetLastError
GetLocalTime

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE