387078896aecbc8b856128bbac48471b | Triage

Sharing

General

Target

387078896aecbc8b856128bbac48471b
Size

2KB
MD5

387078896aecbc8b856128bbac48471b
SHA1

b2a3bf72419c90a45a5fdc6e4990bc7193bc258f
SHA256

1e3ea8152873538c401b64ac67c9fac3574f5afbf4a4b0c4b506e7e30163dc3a
SHA512

25a41978098ef44c88270c898daf96779f366af58cd1587a1d7b8edce6bcf80c1b7678d7451a1bf1f607ed7ac4a141895d516cf2490148f690916c86f3120ea7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
387078896aecbc8b856128bbac48471b

Files

387078896aecbc8b856128bbac48471b
.dll windows:1 windows x86 arch:x86

6fc39f96f87c766adf5446f89fdc6166

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
FindFirstFileA
GetLocalTime
GetSystemDirectoryA
GlobalFree
Sleep
VirtualAlloc
VirtualFree
WriteFile
lstrcatA

ntdll

ZwShutdownSystem
RtlAdjustPrivilege

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyA
RegSetValueExA

Exports

Exports

install
on_load

Sections

.flat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 54B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE