Static task
static1
Behavioral task
behavioral1
Sample
395c9d28589ebbc18a30bf05e17e8957.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
395c9d28589ebbc18a30bf05e17e8957.dll
Resource
win10v2004-20231215-en
General
Target
395c9d28589ebbc18a30bf05e17e8957
Size
170KB
MD5
395c9d28589ebbc18a30bf05e17e8957
SHA1
e5de61f3310ba09467e44470a13850264f797188
SHA256
1b05a7f995547977985cf1558d30cc7ad617d3956962f87a34b65252948a4c4d
SHA512
42933324a2679bddd1ea56c1fda1aa0f9464a36d639864bb774f7cfe0f393efa2bb3b03ea1b5a95d45ec2640f7c905fc71cb8af089aca9034075c8ec1d1eddd9
SSDEEP
1536:NncZj3jof/+qfBnRucCbChGQJSU/Zf96SF/4fa1Xp5qGCJIELVTk0hfRG6k:Ncj3c5nI/2hGJsld94fa1f+IEF/hc6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 395c9d28589ebbc18a30bf05e17e8957
Files
395c9d28589ebbc18a30bf05e17e8957.dll windows:5 windows x86 arch:x86
df6a460b6e300aa36844cbdb2243470b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
EndDialog
GetWindowTextA
GetMenu
GetFocus
advapi32
RegOpenKeyExA
RegQueryValueA
RegEnumValueA
kernel32
OpenFileMappingA
lstrcmpA
GetFileTime
OpenFile
CreateDirectoryA
DeleteFileA
FormatMessageA
WriteFile
lstrlenA
ExitProcess
GetLastError
GetCommandLineA
ExitThread
FlushFileBuffers
GetCPInfo
GetPriorityClass
GetStdHandle
GlobalFree
HeapAlloc
Sections
.dh5d Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.3bh51 Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gg37b Size: 119KB - Virtual size: 419KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bb1af Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ