Static task
static1
Behavioral task
behavioral1
Sample
06b64d576258107103165f793837ac5f.dll
Resource
win7-20231215-en
General
-
Target
06b64d576258107103165f793837ac5f
-
Size
174KB
-
MD5
06b64d576258107103165f793837ac5f
-
SHA1
5d402ebcff3e018427435d3c483ff217c7194f3c
-
SHA256
4bd474b1f615fc768411667af9008bca632bce598f02c565634cb49b4aa7e845
-
SHA512
2feb1cb004dfddda361f3b6c8c39712dd88611fc6c11363960840dc4425de436e11b4cd6434bdbe7d81398ef3bc93709199c766c690bd357bce0a751dffa2341
-
SSDEEP
3072:4olBRLWS5rOfQ326KRrXV2h2+lMNnTZuFw7Qz+Bf1QmeQmuvJK0N+VbU:/lBRLW1m27rXVs2+SNnTZrUz+B9vpfXN
Malware Config
Signatures
-
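Unsigned PE (1 IoC)
Checks for missing Authenticode signature. A missing signature is a weak indicator on its own, since many benign DLLs are also unsigned; weigh it together with the other findings.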
resource 06b64d576258107103165f793837ac5f
Files
-
06b64d576258107103165f793837ac5f.dll windows:5 windows x86 arch:x86
de31dd75abe38332ca3d0df9db913835 (unlabelled on the page; appears to be the import hash, imphash — confirm before pivoting on it)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
advapi32
RegOverridePredefKey
oleaut32
VarI2FromCy
msvcrt
memset
user32
TranslateMessage
kernel32
GetModuleFileNameA
OutputDebugStringA
GetModuleHandleW
Sections
.text Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 122KB - Virtual size: 122KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ