6927d0b3498b85934c6aef31b4dc6e49 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6927d0b3498b85934c6aef31b4dc6e49
Size

24KB
MD5

6927d0b3498b85934c6aef31b4dc6e49
SHA1

b30e487006f8c9a929fc52f9229031fd31c1eb4f
SHA256

75e812b9d7d57d25dedc1b6c4345180e937ed250b585784bde94426eecbff387
SHA512

3baff8e84476c366add060481844f05eaf6f2f4271e6c2ca77092ebb68f1c95fcdc445188994726f8cdde49a856b2b729113557febf9da213ceae5fdea359b22
SSDEEP

384:gi5Qr+bhRoZiYyR/rqneN18udJJz5F7Zxr6+f9PfBZSnPXQ/:RA+zesrqo18utz5PcIPIg/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6927d0b3498b85934c6aef31b4dc6e49

Files

6927d0b3498b85934c6aef31b4dc6e49
.dll windows:1 windows x86 arch:x86

f997005e30aa48cdbaf722a6699d488e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetModuleFileNameA
CloseHandle
GetProcessHeap
GetSystemDirectoryA
GetTickCount
GlobalAddAtomA
IsDebuggerPresent
OpenMutexA
RtlUnwind
WinExec

crtdll

_fdopen
_open_osfhandle
_sleep
fclose
_cexit
malloc
printf
raise
setbuf
srand
strcat
strcpy

Exports

Exports

_LibMain@12

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84B - Virtual size: 84B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 216B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 896B - Virtual size: 896B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 208B - Virtual size: 208B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.edata
Size: 72B - Virtual size: 72B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ