101feb88b83b0dc1b3d6c46881e61695 | Triage

Sharing

General

Target

101feb88b83b0dc1b3d6c46881e61695
Size

84KB
MD5

101feb88b83b0dc1b3d6c46881e61695
SHA1

9efa264cd769d090559d2531065b4a9f0f47faf5
SHA256

56b9e08831f409d13bb7b0373d027decb836c8275c7b11cc79532c1c12d7ab6f
SHA512

756acef07a54fc8b71e057753f17c3e760a4c9ceb7890e8f91b7eddfab58b82208fd8d2720133f0fe195369793d60b4373a6d3858161ae25c667062642a9cc26
SSDEEP

1536:LGbWomcyVIBFHYUVyPQ/L/8DOSWSnP/lJ/d5HwMPH4vMT0Dsm:Sio3yPu9YySN9Jll3PH4vi0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
101feb88b83b0dc1b3d6c46881e61695

Files

101feb88b83b0dc1b3d6c46881e61695
.dll windows:4 windows x86 arch:x86

4097c3c40e5d02553d30182980c8787a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetCurrentDirectoryW
LoadResource
LockFileEx
DeleteVolumeMountPointW
GlobalMemoryStatus
HeapUnlock
SetVolumeMountPointW
PulseEvent
lstrcatA
GetDiskFreeSpaceA
HeapLock

user32

UnregisterClassW
DrawFocusRect
GetThreadDesktop
DefMDIChildProcW
CharNextExA
TranslateAcceleratorA
SetMenuItemInfoW
wvsprintfW
SetDlgItemTextW
IsCharAlphaNumericW
SetWindowPos
CallWindowProcW
DestroyAcceleratorTable
RegisterHotKey
ClientToScreen
IsCharAlphaA

Exports

Exports

CPlApplet

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 955B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ