6394a31110df34a618be8da556b30950 | Triage

Sharing

General

Target

6394a31110df34a618be8da556b30950
Size

95KB
MD5

6394a31110df34a618be8da556b30950
SHA1

5e69e1157bb4d480cb96ef693ca6c281806a36d9
SHA256

11902b640a653d1a8d78d47890c574b49f58b4d5e1e1f50e532569c3d58a0865
SHA512

99a3fd694c5c50c5bb20b90ba019ee08ba85fd4a91475292d9c515ca164fd061d07d59f3be78a529384032e67b370b3c1d33d8f259d63183e436334537d5294f
SSDEEP

1536:xYBADjILD3L+bQ+T1vYm+KkhMMMRvQOVGKXY2L2a65UeLN13HwangaNbifOM3lVc:xgAO3jSx1LMMpQOXXYS2cE1XwangaSV0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6394a31110df34a618be8da556b30950

Files

6394a31110df34a618be8da556b30950
.dll windows:4 windows x86 arch:x86

24d87a6791c12cac1a776d702f4e76d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GlobalDeleteAtom
GlobalHandle
GlobalLock
HeapAlloc
HeapCreate
IsBadReadPtr
LCMapStringW
LocalAlloc
ReadFile
SetEndOfFile
WideCharToMultiByte
lstrcmpiA
lstrcpyA
lstrcpynA

user32

CharUpperA
DefWindowProcA
DrawIcon
GetClassInfoExA
GetForegroundWindow
GetMenuCheckMarkDimensions
GetMenuState
GetNextDlgTabItem
GetParent
GetScrollPos
GetWindowLongA
GetWindowTextA
GetWindowTextLengthA
GrayStringA
KillTimer
PeekMessageA
SetRect
SetWindowContextHelpId
ShowWindow

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ