2a2a8883e590a14bbee0a025a68c6681 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a2a8883e590a14bbee0a025a68c6681
Size

241KB
MD5

2a2a8883e590a14bbee0a025a68c6681
SHA1

1907806b663107b2d330f941e89f2b4882ad5f74
SHA256

9a884d9287c3b884fb96be03dfa044b9a736571d8ebae366873bc509f4b37aa7
SHA512

39b02cfe63b50ca3d4bba23a54881929641cc32666473c73064730aa0b181a85c585f7dfe4613d4cd2c0c21fe6fc76b92ce605c5640a206ce83937a59dd6116d
SSDEEP

6144:mCQQe3oROerkhc7a/11EOXLrJpyR6VV5HyhdqRa:7xnRXrAc7KEOPRVZyhdqY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a2a8883e590a14bbee0a025a68c6681

Files

2a2a8883e590a14bbee0a025a68c6681
.dll windows:4 windows x86 arch:x86

fe9d9ef5bff6ceae21ba29f87c1d4dba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

UnregisterClassA

engine

?GetGlobal@KJxScript@@QAEHPBD@Z

winmm

timeGetTime

Exports

Exports

InjectDll
UnmapDll

Sections

.text
Size: 233KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE