0f1e065f1d1221b9a598a217637b8858 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f1e065f1d1221b9a598a217637b8858
Size

135KB
MD5

0f1e065f1d1221b9a598a217637b8858
SHA1

7748a74015a42bf02a70ad6532c37c5aec503a62
SHA256

f37c60f27e24571e4733a32994916a48e8a1783ce97a139b07c6d23aa839e84c
SHA512

637459a8b57f7012ef198a7263f3c4fbe5e1c9673201da96a13b673239e7a387fa002697ae1136aaadb6c15ed2602714b07de7754f45842e1d6dfa845a35a7ea
SSDEEP

3072:cHAl7sdz5QAFQ70dsmEaqdntO6IrVuYKxIEnEaEDN6Vmh6n7:cgl7GtzQ7PGqRtO6IrVuZxZna5ky6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f1e065f1d1221b9a598a217637b8858

Files

0f1e065f1d1221b9a598a217637b8858
.dll windows:5 windows x86 arch:x86

871ab58d6d2c413a532585c0e26069a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

memset

shlwapi

StrChrA
StrToIntExW
StrRChrA

kernel32

GetProcessAffinityMask
OpenThread
FindResourceExW
RequestDeviceWakeup

user32

DrawFocusRect
SetPropW
GetMenu
TabbedTextOutW
SendNotifyMessageA
GetWindowDC
OpenClipboard
InsertMenuA
CharToOemBuffW
GetPropW
IsCharAlphaNumericA
CreateAcceleratorTableW
SetLastErrorEx

gdi32

GetMiterLimit
GetDeviceGammaRamp
SetDeviceGammaRamp
GetCharABCWidthsA
ExtTextOutW
FixBrushOrgEx
PaintRgn
MoveToEx

Exports

Exports

?JHdhgdhjHGSDgdVDVHDHJgfdkjhfjkh@@YGKKK@Z
?mhjnHDBHVBhmgbvsdHGGDHJDHFDKF@@YGKKKK@Z
?mnhJDJhgdHGDSDBSHBjhgDBSMNFSDKJFSD@@YGKK@Z

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 570B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ