1d4b6c3d7e18cc7d59c1a05f31f357f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d4b6c3d7e18cc7d59c1a05f31f357f8
Size

211KB
MD5

1d4b6c3d7e18cc7d59c1a05f31f357f8
SHA1

b0631bba4afab6de58c984d90e7f5bb8eb3ade7d
SHA256

79fa1cf1df395004e25de86d08f322d04e85670e790d4423d0f713c4d6ac8e24
SHA512

43077d7496f398dd05b349a45934356506bb348b66f5c9f73958d5307e113bf3423feebbf4f1394d5a3e627143b8322ff11b185bc5d4fbc69a00dab987ad5710
SSDEEP

6144:mS81/q98rw+ODM9+MlDBwc8J8l6Ck1Gqz:mS+Dr7nwMlDjC88CkH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d4b6c3d7e18cc7d59c1a05f31f357f8

Files

1d4b6c3d7e18cc7d59c1a05f31f357f8
.dll windows:5 windows x86 arch:x86

70b09ed8d20981ac7d1f41a9b594b258

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memcmp

kernel32

ReadFile
InterlockedDecrement
LocalFree
LocalAlloc
WideCharToMultiByte
CloseHandle
SetFilePointer
CreateFileA
GetModuleFileNameA

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ