2032bd5408079261686c04a13047a725 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2032bd5408079261686c04a13047a725
Size

173KB
MD5

2032bd5408079261686c04a13047a725
SHA1

17ec5e385653f4dc6dd1a63d1153d17cd9514fee
SHA256

891b6837b6da5f8bdfdea1d2d6b56cf8296c9fe548bc080901d859a5a3f3241d
SHA512

75b2b79565f7a547d74aa4e84d72c21d16992085583742a9f52823a77a8cd8eda2c2d36793a0c1c2dcafe190d10810044c3f793f81140ceecb87dfcae154f73d
SSDEEP

3072:X9ORJSyZFYmLo3rDn5o6Nyx02jzId8AcA0ljrivJlPKIzuaXJ67/JYvhFGQxzp/y:X9RybYlDn5VyW2Id7TPKIzz67/JcFGYQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2032bd5408079261686c04a13047a725

Files

2032bd5408079261686c04a13047a725
.dll windows:5 windows x86 arch:x86

08f46ebcaf246bd9d7d1ee2dfd31d3bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrCmpNIA
PathMakePrettyW

gdi32

GetDeviceCaps
SelectPalette
CreateBitmapIndirect
GetNearestPaletteIndex
ExcludeClipRect

user32

TranslateMessage
DrawIcon
OemToCharBuffA
CharUpperA
CheckMenuItem
InsertMenuItemW
SetLastErrorEx
keybd_event
SetPropW
PostThreadMessageA
ReleaseDC
DeleteMenu

kernel32

SetCurrentDirectoryA
GetUserDefaultLCID
GetComputerNameA
lstrcpyW
EnumResourceLanguagesA
lstrcmpiA

msvcrt

vsprintf
toupper
wcsrchr
strcspn
getc
isalpha
srand

Exports

Exports

?lvUqayqzQh@@YGPAMKPAD@Z
?eSaaytwlhhmwvsHazjF@@YGPAJGPAF@Z
?ijuIbkqgrbVfsfQkrEcuo@@YGPAIIPAH@Z
?mijdOxil@@YGPAXJ@Z

Sections

.itext
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 141KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ