08f8960e1eb7618757e36051832f297e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08f8960e1eb7618757e36051832f297e
Size

124KB
MD5

08f8960e1eb7618757e36051832f297e
SHA1

296a5b78a63a287179a58a0505281f5652bd9ad7
SHA256

4ffe4d5c30dbc494b956be2a14f06b205b57b9e3e94dd4bb80ecaaaa73dbde46
SHA512

d67976278cede166db68a4539a14b826b909eb7fdccb559d1ed6ccc5662d3b37b5bdd9c2ad075f32c57163899d2f364088c0b7f157245e0acc0ab3779507ba22
SSDEEP

1536:tirNjV7sKaHYEY7UpC9ktoPQNDbEH1Wgryt5PDT4azWVdh9lNyeZnTdWn3jFS:tiBhsK6YEG/8DQVWNDVWVdDPZTdWTc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08f8960e1eb7618757e36051832f297e

Files

08f8960e1eb7618757e36051832f297e
.dll windows:5 windows x86 arch:x86

fe0a88badb8f9345b9864c631011ecae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
lstrcmpiA
TerminateProcess
GetProcessHeap
LoadLibraryA
IsBadReadPtr
HeapAlloc
GetProcAddress
AssignProcessToJobObject
UpdateResourceA
GetCurrentProcess
GetDateFormatA

user32

SetPropA
AnimateWindow
CheckMenuRadioItem
MapVirtualKeyW

gdi32

LineTo
EndPath
SetGraphicsMode

advapi32

GetServiceDisplayNameA

Exports

Exports

ebsgwzgrtnm
hrvyihwp
xbqkuiroih

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ