04aafa562df0de170a9e99e9c4153f85 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04aafa562df0de170a9e99e9c4153f85
Size

28KB
MD5

04aafa562df0de170a9e99e9c4153f85
SHA1

5c97d077ac3be7148976371305d929aa4cf9484e
SHA256

51ad1f4885ac41e9cc2c31bb0046902f187555722faa6f027328be6e46146bcd
SHA512

2d43213724af8e7fb908630cabf4add64797527c41319453836da45f21ff7de673c7029503989b96809b3268e84c6c7790bca08b869435ed85e5cb84ed6c58f3
SSDEEP

384:FnabmL7I8FezENb62C59AHg2xoSuwaLXFdbGnWnW0ICyZsUvtR:Fnabm/IMezENb62CLAFxoSuuExyZ1b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04aafa562df0de170a9e99e9c4153f85

Files

04aafa562df0de170a9e99e9c4153f85
.dll windows:4 windows x86 arch:x86

c4336fa5d744fa0d11f56a557c45140f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ResetEvent
FormatMessageA
CompareStringW
EnterCriticalSection
SetCriticalSectionSpinCount
ExpandEnvironmentStringsA
WaitForSingleObject
CancelWaitableTimer
InterlockedIncrement
lstrcpynW
HeapLock
SetEnvironmentVariableW
FormatMessageW
CreateEventW
LocalFree
ResetEvent
ExpandEnvironmentStringsA
FindResourceW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ