6a576f19bce90fe1dd3a0b41426e8ca3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a576f19bce90fe1dd3a0b41426e8ca3
Size

46KB
MD5

6a576f19bce90fe1dd3a0b41426e8ca3
SHA1

74d28493937c396be407e2840846bc6e0e8c81ef
SHA256

56be3df8cc057b8a2b7cae086f878894fa61673eef522e9ec066b3385282666c
SHA512

06a759629181eb6953d1fc8cafb9b9eaf05420148b5a684f9f1f30b48f780308bf11240385db80b47996649c1b74b7bada5005195b03f3dd47a58456dad221a2
SSDEEP

768:7KdjdtFef0W8SoinxK4plvEVUUWZGXtJrv+HrhNVezyEB/DI:+jYf0WdR7fUWZGbr2LHVeRBb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a576f19bce90fe1dd3a0b41426e8ca3

Files

6a576f19bce90fe1dd3a0b41426e8ca3
.dll windows:4 windows x86 arch:x86

6abec528f480918b028726555627b434

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemAlloc
CLSIDFromString
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoGetClassObject

rpcrt4

RpcStringBindingComposeW
RpcStringFreeW
RpcSmDestroyClientContext
RpcBindingFromStringBindingW

shell32

SHGetFolderPathW
DragQueryFileW
DragFinish
CommandLineToArgvW
SHFileOperationW

comdlg32

GetFileTitleA

kernel32

GetLogicalDriveStringsW
QueryPerformanceCounter
GetCurrentThreadId
CreateToolhelp32Snapshot
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
GetModuleHandleW
CreateProcessA
GetTempFileNameA
HeapFree
HeapAlloc
LoadLibraryW
InterlockedExchange
Sleep

oleaut32

LHashValOfNameSys
GetRecordInfoFromTypeInfo
VarUI4FromDec
SysFreeString

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ