690fff9b692bd37ef9cb8dbd331a0d22 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

690fff9b692bd37ef9cb8dbd331a0d22
Size

130KB
MD5

690fff9b692bd37ef9cb8dbd331a0d22
SHA1

1973ee8608d9c0a2d36c73a76fadb8f20feada9f
SHA256

4d49cc17557fbfe2521b3c5eac7f6dfb6cbbd47e9fbbb9af369ac9860d7d97d1
SHA512

34e458758554d00f0ebf7e5cd67a5080e2be6f6d0748f4ccaec216080fa3bc1c31b747ff71544683f408e5cfcdc17ec5755bc3b1749daa67f3ca89f5fa28394f
SSDEEP

3072:jfElfGZa5FkVhxqoQvUW23uKD5bLHzezBx5i74JBspors0bK9jd:zElDUEou2eKD5PTegEJGporJ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
690fff9b692bd37ef9cb8dbd331a0d22

Files

690fff9b692bd37ef9cb8dbd331a0d22
.dll windows:4 windows x86 arch:x86

b400d91b2daa6c26e460bacbe305f71d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxW
MessageBoxIndirectW

kernel32

LocalAlloc
OutputDebugStringW
ExitProcess
GetACP
HeapValidate
InterlockedDecrement
InterlockedExchange

advapi32

RegEnumValueW
RegCloseKey

comdlg32

GetOpenFileNameW
GetFileTitleW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ