609874f3df950bf813704a9a0cdb4c8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

609874f3df950bf813704a9a0cdb4c8b
Size

8KB
MD5

609874f3df950bf813704a9a0cdb4c8b
SHA1

16441b09a5b7996c12dac02613d12ff9b5868a65
SHA256

29d101f63baeddd366fbcfd27d8796a73076ff0a8c0be31a19da791c60b172b8
SHA512

56442f1238cad9891422f74162f590fde866a75789dd1d2576b60cdb73319558d11e80a7ed955a31fad04311fe442f8bc2839de379160be6ab9c1216da70d72e
SSDEEP

192:epdZN2W8/zASb8SJPjrqX8c3WE3CJTWrIMwyOC0:UHNk/028SjU8IWSCJTWrdwy0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
609874f3df950bf813704a9a0cdb4c8b

Files

609874f3df950bf813704a9a0cdb4c8b
.dll windows:6 windows x86 arch:x86

07e31ec26fe7b4d435fece8a0a2f8790

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_except_handler4_common
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
memset

user32

LoadStringW
MessageBoxW

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
DisableThreadLibraryCalls

Exports

Exports

DllMain
EditAuditInfo
EditOwnerInfo
EditPermissionInfo
FMExtensionProcW
SedDiscretionaryAclEditor
SedSystemAclEditor
SedTakeOwnership

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ