7c386f524719aa691b006be8fe46d597 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c386f524719aa691b006be8fe46d597
Size

45KB
MD5

7c386f524719aa691b006be8fe46d597
SHA1

4c5a119eb14ae3f8bc58523c81c9cb13cb5a7064
SHA256

bb17daa90a6ede92f5d844d88e664d611e5d998ef6453b5f54b9cc2d2f3cb542
SHA512

ed84009db236ddfe8f75b916e88041be9f46a94524c7710ca42106741a011f2920454ac1050249ba700853b69e1c6fda27968a3579bb401c44fca8d3de0512da
SSDEEP

768:O6tTgjgMe21ns/RttgCTKyV0roFDUpv1/1ZtNWSaeQKn:nqjgMe2S/RbgIX+DZtNWSaeQK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c386f524719aa691b006be8fe46d597

Files

7c386f524719aa691b006be8fe46d597
.dll windows:1 windows x86 arch:x86

c9e029850c77607fc87d77c1e2a40910

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msv1trap

ILCombine
CreateFileMappingA
OpenFileMappingA
EndUpdateResourceA
SetFilePointer
UnmapViewOfFile
PifMgr_OpenProperties
FindResourceA
EnumResourceLanguagesA
ILLoadFromStream
BeginUpdateResourceA
OpenThread
DeleteFileA
DAD_DragEnterEx
Control_FillCache_RunDLLA
PathResolve
SetThreadPriority
LockResource
ReadFile
ILCreateFromPath
GetFileAttributesA
GetThreadPriority
GetCurrentThread
UpdateResourceA
FreeResource
CallCPLEntry16
CreateFileA
MapViewOfFile
LoadResource

kernel32

WaitForMultipleObjects
CreateFileMappingA
VirtualQueryEx
MapViewOfFileEx
SwitchToThread
UnmapViewOfFile
CreateEventA
ExitProcess

Exports

Exports

ClientDllCleanup
ClientDllStartup
CreateProcessNotify

Sections

.text
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ