1199c82a2f47172ee7da062bbfc270e5 | Triage

Sharing

General

Target

1199c82a2f47172ee7da062bbfc270e5
Size

20KB
MD5

1199c82a2f47172ee7da062bbfc270e5
SHA1

b6490be697539164995f3b9980477bb90f44c0b7
SHA256

58d49edc32b918a2c06370670630e3cee8e61bb6aba95cf6a91ea9061d41b308
SHA512

b81bdb203bddc92b704ae9061397d811f9ca3d9b8948d83fead7c843d34f6cf4638d4d8ed8d5910bf4dedae085e91dc122652c7142e50cb1ee64667c86e18ac7
SSDEEP

384:woB7v8ERwGRsOQ6qFt2cgKZmEsvjICeq1vKzQ:D5v3LsOZqv+XP+Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1199c82a2f47172ee7da062bbfc270e5

Files

1199c82a2f47172ee7da062bbfc270e5
.dll windows:4 windows x86 arch:x86

c1286f6a59098535b9fa1058d6acd705

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

PostMessageA
MessageBoxIndirectA
IsMenu
DefDlgProcA
DdeCreateDataHandle
DdeCmpStringHandles
CallWindowProcW
wsprintfA

kernel32

lstrlenA
lstrcatA
_lwrite
_lread
_llseek
AddAtomA
Beep
BeginUpdateResourceA
CloseHandle
CreateFileA
CreateThread
DeleteAtom
DeviceIoControl
ExitProcess
ExitThread
FillConsoleOutputCharacterA
FlushViewOfFile
GetFileSize
GetLastError
GetProcAddress
GetProcessHeaps
GetSystemTime
GetTempPathA
GetTickCount
GetVolumePathNameA
HeapAlloc
InitAtomTable
LoadLibraryA
LoadLibraryExA
OpenMutexA
RtlMoveMemory
Sleep
SleepEx
SystemTimeToTzSpecificLocalTime
WaitForDebugEvent
WriteConsoleA

gdi32

GetGlyphIndicesA

comdlg32

GetOpenFileNameA

Exports

Exports

wadevv

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ