05a36bf1dc0671fcba3f728ea19281c8 | Triage

Sharing

General

Target

05a36bf1dc0671fcba3f728ea19281c8
Size

19KB
MD5

05a36bf1dc0671fcba3f728ea19281c8
SHA1

9405e5a086f621fff61cd6ab3adadae7ce886036
SHA256

6ab7ce3de9acfe107dc8ad5dae893787c5325e24cff4660600d426f54d1a2962
SHA512

16de5960a2bc6f592e65611f9114aa4b1677ac07e25cedfc0439ca15af77adf851ea47f415f89313c0cc9ba0dc3e9e500777765a549cb309efdb8cf83fd8f929
SSDEEP

384:ui+Ca0L2eSYeAEztAn63aV8da2RvBoy2/n0IgKnFq:YCCxJF26KV8da2RvBox/n0IgKnFq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05a36bf1dc0671fcba3f728ea19281c8

Files

05a36bf1dc0671fcba3f728ea19281c8
.dll windows:5 windows x86 arch:x86

9f9891c31278767c823177bcff3c2bcb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

strrchr
strchr
strstr
sprintf
_stricmp
memset
memcpy
RtlUnwind

msvcrt

realloc
free

kernel32

TerminateThread
CreateThread
LocalFree
CloseHandle
GetFileTime
CreateMutexA
GetModuleHandleA
GetModuleFileNameA
OpenEventA
LocalAlloc
LoadLibraryA
HeapReAlloc
FreeLibrary
HeapAlloc
HeapFree
WaitForSingleObject
SetEvent
GetTickCount
GetProcessHeap
IsBadReadPtr
SetFileTime
InitializeCriticalSection
ResetEvent
Sleep
CreateEventA
LeaveCriticalSection
LocalReAlloc
GetProcAddress
EnterCriticalSection

Exports

Exports

fquje
yuvno

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kqxfc
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ