67afa453e779ddc3e1d677e84a3b9193 | Triage

Sharing

General

Target

67afa453e779ddc3e1d677e84a3b9193
Size

1.5MB
MD5

67afa453e779ddc3e1d677e84a3b9193
SHA1

d5fc48fe0c8ba0583279f4ab87221529203d80d3
SHA256

74a86db3eacbcb54342063b58b823d01d2c90951fd306909d66e613041266416
SHA512

01991b4c1eefbf6d7500de4fbe42da7ac4a3220b61163abb070cf029816b581dbce578959884a7711cd4bca00b15e67f7764a7946a4dc24d0e85c0057db3cd52
SSDEEP

3072:dtDxepRvHs0hKWmjb93KDYwNfolmuHKnjndeyJTruS0Nm:dtgDyb9UokHjnnuS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67afa453e779ddc3e1d677e84a3b9193

Files

67afa453e779ddc3e1d677e84a3b9193
.dll windows:4 windows x86 arch:x86

73512d7b7d7fe54504728e3714855cf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetComputerNameA
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetFileSize
GetTickCount
GlobalAlloc
GlobalFree
LeaveCriticalSection
LoadLibraryA
Sleep
WaitForSingleObject
FindNextFileA
FindFirstFileA
FindClose
EnterCriticalSection
DeleteFileA
CreateThread
CreateProcessA
CreateIoCompletionPort
CreateEventA
InitializeCriticalSection
CloseHandle

advapi32

RegSetValueA
RegQueryValueExA
RegQueryValueA
RegOpenKeyA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegSetValueExA

user32

CallWindowProcA
CascadeWindows
CharNextA
CharNextW
CharUpperBuffA
ClientToScreen
CreatePopupMenu
MessageBoxA

Exports

Exports

SfcGetFiles

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 925B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ