0529c0f68bf3ecd210bcd5bd62162f43 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0529c0f68bf3ecd210bcd5bd62162f43
Size

12KB
MD5

0529c0f68bf3ecd210bcd5bd62162f43
SHA1

183000e74d71c30cc264c0af4f6f54e16b563788
SHA256

7dff3f3121f344665847ca63666b69001b748b0f8c7f189222f0e2bb2c14e59e
SHA512

841e55b55382736453e3d08d22ffc4fce3ba4300c519006f9bea60a5f2fdb7676e95a72fd4603069c3387852463c9b8b76b9de640afb6cde2129fd0295859129
SSDEEP

192:ttgBQQQW0g61kSSXyaA05/vjqJOlGhBAT:ttqYnkyaA0NvjqJOlu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0529c0f68bf3ecd210bcd5bd62162f43

Files

0529c0f68bf3ecd210bcd5bd62162f43
.dll windows:4 windows x86 arch:x86

e9dbcca2b5f7de92874a692cfb9e0039

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
ReadFile
GetSystemTime
DeleteFileA
CloseHandle
GetFileSize
GetLastError
GlobalAlloc
SetFilePointer
WriteFile
GetSystemDirectoryA
CreateDirectoryA
GetProcessTimes
CreateProcessA
GlobalFree
GetTickCount
GetTempFileNameA
GetTempPathA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
RtlUnwind
CreateFileA
Sleep
lstrcpyA
lstrcatA
GetFileAttributesA

user32

wsprintfA
wvsprintfA

advapi32

RegCloseKey
RegCreateKeyA
RegQueryValueExA

Exports

Exports

Joint

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ