6a4482e3fa6109eafa171267e20f5a64 | Triage

Sharing

General

Target

6a4482e3fa6109eafa171267e20f5a64
Size

21KB
MD5

6a4482e3fa6109eafa171267e20f5a64
SHA1

e85d9ea9d5b9ef963e039b6985b1eb90cd2bcf99
SHA256

a212357f66732480153abde6d7b07325ccba920cb5c7b4dab45a02152a2b1b34
SHA512

8b9d5a61fdc7c1aad9cd36556a65ecbc967b7e471ece03e2d08b4ba79db3fbda3587cefbdbdfefd04b18e32498bf746cdcdfc239d770a69a12267f7be9b03103
SSDEEP

384:GdaoYdlt/SdXxc+w7dq4GR9+lEBX5ECYehAXKtaaAy1f0Kc0EvJjKZR:Gda/dPKpaBGR9f5ZYeh5Jf1f0Kc0YlKP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a4482e3fa6109eafa171267e20f5a64

Files

6a4482e3fa6109eafa171267e20f5a64
.dll windows:4 windows x86 arch:x86

f8315726bc8a7dc1824f6d23196d5a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_onexit

gdi32

GetDeviceCaps

msvcp60

??0_Lockit@std@@QAE@XZ

user32

GetWindow

shell32

SHGetFolderPathA

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 17KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE