0e24b7632aeb4deb3ce845dc8955d5f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e24b7632aeb4deb3ce845dc8955d5f5
Size

214KB
MD5

0e24b7632aeb4deb3ce845dc8955d5f5
SHA1

dda217421e60f2eb815996ce1aba382a34fd3a58
SHA256

eb042898009214f9fcec2d692ac154f451fff271d157b27295e0c3924d1b333a
SHA512

a4fcf877f09559ffac45c3b6f4e869dd2239049b642c189eb40094b853cfb03f78f54d01125c1a8cb47105ac021617201e07b705b625c13ed61bae56f37be46c
SSDEEP

6144:kiEN/McM+b/cCmhE/z7jDyebZzNUWbWNz4C:kiEN/McM+bV7+g3b9C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e24b7632aeb4deb3ce845dc8955d5f5

Files

0e24b7632aeb4deb3ce845dc8955d5f5
.dll windows:4 windows x86 arch:x86

d9ac461473b091d41d08ae6fab42f774

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetExitCodeThread
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
MultiByteToWideChar
OpenEventA
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
lstrlenA

msvcrt

setlocale
srand
sscanf
strpbrk
__p__commode
__p__fmode
_stricmp
_except_handler3
realloc
free
fprintf

user32

FindWindowExA
EmptyClipboard
OffsetRect

oleaut32

RevokeActiveObject
SysFreeString
OleLoadPicturePath

shlwapi

PathFileExistsA
PathGetCharTypeA

Exports

Exports

SurfaceFlipNotify
VersionNumberUCScribe

Sections

.text
Size: 125KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ