0d255373af135a925edde4c6d91633a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d255373af135a925edde4c6d91633a2
Size

9KB
MD5

0d255373af135a925edde4c6d91633a2
SHA1

5590f4fe42442dbd1c867da3c6ddd9ce18ecd79e
SHA256

b691dff3bce44989198dbc061e6336fc2f4a38e6402bb676ef7b2281a0c043bf
SHA512

72f23df75dd54cf36ae1db2404a396770f8a75ea1cae462cf9a24a7391bc8c1b66acad24ff727ae9994747422f9d13897a3ca528db60afe2b4614b0311b5c87d
SSDEEP

192:/gMggMCkxiJfkoeBxwtFhM6qtYgGwA5i5wVRGwkaH0MivWSkL8fR:vaCkxixkBxwn+5tdAQSR4R4L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d255373af135a925edde4c6d91633a2

Files

0d255373af135a925edde4c6d91633a2
.dll windows:4 windows x86 arch:x86

82afcca92254e53d8f5d81ba6a41417a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualProtect
CloseHandle
CompareStringA
IsBadReadPtr
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetProcAddress
OpenProcess
lstrlenA
CreateThread
GetCurrentProcess
FreeLibrary

user32

wsprintfA
GetWindowTextA
FindWindowA
GetWindowThreadProcessId
SetTimer
KillTimer
TranslateMessage
DispatchMessageA
GetMessageA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ