278e3295ba2ff1497e4d17a67cf73553 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

278e3295ba2ff1497e4d17a67cf73553
Size

21KB
MD5

278e3295ba2ff1497e4d17a67cf73553
SHA1

be075b18a77c1cf88a0068ec560f8b1ecc392ed5
SHA256

5d7b1a3f3bd173b0378812e5e41c6ab783d25dc094adb20e4261836d9f6ce362
SHA512

12641445db154bc5b654819488e1262e4c20d2f2dbccc22f9884e44fe76992f67ba3dd7aabafcc3b170f2e62c2c45e82b6d0b48fa743296c5d9a9dd713487e74
SSDEEP

384:TujjSd/cmF5aAn9QUEK9X3Ybo0CDTi9xbTpRzDap1S:yjjSd0mTaHUP9bJ6l/zDa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
278e3295ba2ff1497e4d17a67cf73553

Files

278e3295ba2ff1497e4d17a67cf73553
.dll windows:4 windows x86 arch:x86

0c636198759e9459979c76d20ae18062

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
GetFileAttributesA
SetFileAttributesA
DeleteFileA
GetShortPathNameA
ExpandEnvironmentStringsA
GetModuleFileNameA
MultiByteToWideChar
VirtualAllocEx
CloseHandle
ReadFile
GetFileSize
WriteFile
SetFilePointer
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
HeapSize
ReadProcessMemory
VirtualFreeEx
CreateFileA
WriteProcessMemory

user32

DispatchMessageA
TranslateMessage
GetMessageA
SetWindowsHookExA
CallNextHookEx

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CoCreateInstance

ws2_32

WSAGetLastError
WSASetLastError

shlwapi

StrStrA

Exports

Exports

_IWMPEvents@16
calloc
free
malloc
memmove
realloc

Sections

.bss
Size: - Virtual size: 561B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ