2b41861045dc84f3e7b724a112f00267 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b41861045dc84f3e7b724a112f00267
Size

45KB
MD5

2b41861045dc84f3e7b724a112f00267
SHA1

74f26091d044a55a575882ca1b1f7161dd82b582
SHA256

a8587cd2083e496a277da63514f5a0a0ed85b9fb536526ae18fca1c0b3f99c05
SHA512

238ed778b27af32543a7bd3014d54ec711e433dddad92e4ecc1213055c0f7851254f6a090ee884bfade3d97cf263a605cf5eb65d85fe8910f329cc721ab98f26
SSDEEP

384:Fds6Nplmo/FV9iuiDWT8KRwmsKOI1MSPP8ClguAN5bI7dK53Hp2+MBen:njYo/JiuiQRwIONitANxIRKhANen

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b41861045dc84f3e7b724a112f00267

Files

2b41861045dc84f3e7b724a112f00267
.dll windows:4 windows x86 arch:x86

ddc6a10c3c21439ba024305d9704fcfb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleOutputCharacterA
ReleaseSemaphore
GetLogicalDrives
GetCommState
SetConsoleOutputCP
GetShortPathNameA
GetLocaleInfoA
ReadConsoleOutputAttribute
GetTempPathA
ReadConsoleInputA
OpenFileMappingA
GetTickCount
IsSystemResumeAutomatic
DisconnectNamedPipe
GetLocaleInfoA
SleepEx
LocalFileTimeToFileTime
ReadConsoleOutputCharacterA
VirtualAllocEx
ResetEvent
GetProcessPriorityBoost
GetThreadPriorityBoost
SetEvent
GetVolumePathNamesForVolumeNameA
ExpungeConsoleCommandHistoryA
MapViewOfFileEx
RaiseException
DeleteTimerQueue
WriteConsoleOutputA
SetFileTime

wininet

InternetUnlockRequestFile
InternetGetConnectedStateExA
ResumeSuspendedDownload
InternetCrackUrlA
FtpSetCurrentDirectoryW
InternetQueryDataAvailable
FtpRemoveDirectoryW
FtpSetCurrentDirectoryW

Exports

Exports

SetNimmiikvlj
Jvivqacv
Srbfebicm
GetVnvylbp
Mqevjoj
Cdoxabqp
Iknfoayqmp
Fbhlemwqo

Sections

INIT
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ