f876948d9d2aca89eeac904ca8015645 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f876948d9d2aca89eeac904ca8015645
Size

74KB
MD5

f876948d9d2aca89eeac904ca8015645
SHA1

c9fcee487a5597ac8ae2eaac230398eb202b7252
SHA256

00400f5202f2b065b48541ffec7abca7012264cd50e613c3679f89dfb1e8e5f3
SHA512

f77ce263eeebf1f61e351f85aef5e8b2c459b4081fd7c12a7b8f101691501f75018574fbe71935e9a5ff7aabbbd1e98f9132216fcdb9d1c940c6b60060355313
SSDEEP

1536:4mRmNe/ffiU+OtrCAsLZ7MgVedRDaIu9zDb6Z1qI73:4mlfFwhKzu9zDb6Z1h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f876948d9d2aca89eeac904ca8015645

Files

f876948d9d2aca89eeac904ca8015645
.dll windows:4 windows x86 arch:x86

928a2e9c5d421343dd895b6ae9fece75

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrPBrkW
UrlCreateFromPathW
UrlCombineW
StrRetToBufW

kernel32

GetProcessHeap
GetNumberFormatA
InterlockedIncrement
HeapFree
InterlockedExchange
LoadLibraryW
GetModuleFileNameW
GetModuleHandleW
GetSystemTimeAsFileTime
GetProcAddress
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep

ole32

CoTaskMemFree
CoUninitialize
CoAllowSetForegroundWindow
CreateBindCtx
CoInitializeEx

user32

ShowWindow
GetAncestor
SetForegroundWindow
GetClipCursor
FindWindowA
GetAsyncKeyState
MonitorFromPoint
GetWindowRect

msvcrt

malloc
free

Exports

Exports

HyAdjusttDesktopLenngth
HyBeeginDesktoppp
HyChangeDesskktop
HyEEnndWindowTText
HyEndddProc
HyGGetHandlee
HySettPrrooc

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ