206e521b41062b46983722d2a7527ea9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

206e521b41062b46983722d2a7527ea9
Size

83KB
MD5

206e521b41062b46983722d2a7527ea9
SHA1

9bd1a8de95b1a3631bd8aa7d873667af454516c6
SHA256

d8b453cda3ea77c48286c404a28b230123c59037450d6cd1c78991f859b35fba
SHA512

74b9e01d8c119419cbe5179c2f9eea0d48a6057fbd0c14571223cc41fca32158b76a66380878efca59157c7cf2a7d3a7659a3fe87cd9c22b71b8cdc0ebc68f6b
SSDEEP

1536:vVjkIi3amNdedL3QHTv8R3M7d3b6qE4HV+E1Fgs586T:1k3NNka4qEg91Fgs5lT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
206e521b41062b46983722d2a7527ea9

Files

206e521b41062b46983722d2a7527ea9
.dll windows:4 windows x86 arch:x86

7b38bc18ff7dceb0b5587bae024c8572

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
RaiseException
lstrcmpiA
ExitProcess

Sections

.sforce3
Size: 25KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brick
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ