048003f6cabbf4a6d97e80f33c4aae37 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

048003f6cabbf4a6d97e80f33c4aae37
Size

25KB
MD5

048003f6cabbf4a6d97e80f33c4aae37
SHA1

16ca88c2c65d1f20b4728eec5c5370ba8ab25bf8
SHA256

b4cb33abee2ed46b344b89d8b064daacaa22e4af998f304349a7449b5b5050d4
SHA512

a0b5b1bf7f5b0432e91fa335ee2bbb652d97b0f403852bcfec2c32a5fd7aae25feca3c35184bebeacc6a6e133edb6df56c15c9692580fb761051dbc209014339
SSDEEP

384:Z/R+LjJIrJfn7+6YS4DcXOfspIOePqg1CL/XRh/XndavSX7tYn0H:5Ro1266sDcNeTipPaQK0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
048003f6cabbf4a6d97e80f33c4aae37

Files

048003f6cabbf4a6d97e80f33c4aae37
.dll windows:4 windows x86 arch:x86

0f11352dad67a8b96580775deb438a1b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TransactNamedPipe
HeapWalk
MapViewOfFile
TryEnterCriticalSection
GetVolumePathNameA
EnumUILanguagesA
FormatMessageA
HeapSize
GetEnvironmentStringsA
TryEnterCriticalSection
SetProcessAffinityMask
GetVersion
HeapDestroy
GetWriteWatch
GetCommandLineA
ExitProcess
GetStartupInfoA
lstrcmpA
IsValidLanguageGroup
SetTapeParameters
LocalCompact
GetDevicePowerState
SetMailslotInfo
IsBadCodePtr
DeleteCriticalSection
GetWindowsDirectoryA
lstrcmp
GetDiskFreeSpaceA
RegisterWaitForInputIdle
VerLanguageNameA

Sections

ATSEC0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ATSEC1
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ATSEC2
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ