08dac4b0a457396419496ee4e4fd725d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08dac4b0a457396419496ee4e4fd725d
Size

21KB
MD5

08dac4b0a457396419496ee4e4fd725d
SHA1

2660d8f7805c4c19bdc51aed2e16d74e11809b17
SHA256

24d87bda9fbe7f9f8fb4a83757961f905b52ab0fd4c206b1521b402c9b0f428c
SHA512

333820fdf9c8995df082a51e0317d3828e7cdd7e293ec8b8b183de5c283908fd92f7d3159b3d3a92acafaf950163ebc577fcc64e64dfd48631aef330d8f4c746
SSDEEP

384:wMZjfWfBYHiAqVoWb5TwXWX7pl17GtH6xRQ50dYuynFJHzZX8Gl7JguHvF+8o:wMZyfB6izh5G0AEoHrl+uHvG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08dac4b0a457396419496ee4e4fd725d

Files

08dac4b0a457396419496ee4e4fd725d
.dll windows:4 windows x86 arch:x86

d3f108b4413d801ddd1b54a7864e621f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
Sleep
GetACP
LoadLibraryA
InterlockedDecrement
InterlockedExchange
IsBadWritePtr
GetProcAddress
GetUserDefaultLCID
MulDiv
VirtualAlloc
VirtualProtect
GetTickCount
IsBadReadPtr
GetModuleFileNameA
GetProcessHeap

user32

GetCursor
GetWindowRect
GetWindowTextA
IsCharLowerA
IsCharUpperA
GetWindowRgn
GetForegroundWindow
GetIconInfo
CopyIcon
GetDlgItem
GetWindow
GetWindowInfo
IsIconic
IsWindowVisible
GetGUIThreadInfo
InSendMessage
GetDesktopWindow
GetClientRect

msvcrt

_errno
__mb_cur_max
_adjust_fdiv
malloc
_initterm
free
_memicmp
memchr
_swab
_hypot
_ultoa
_CIacos
_CIfmod
time
floor
_pctype
_isctype
_CIsinh

gdi32

GdiFlush
GetBkColor

ole32

CoGetCurrentProcess

shell32

DuplicateIcon
ord64

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ