3a52d6e1fb62de183027ed5c67eb9801 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a52d6e1fb62de183027ed5c67eb9801
Size

52KB
MD5

3a52d6e1fb62de183027ed5c67eb9801
SHA1

72f36e4dfd55378439c913cb9b0d9221cb04d432
SHA256

13d54f7f337aa0342ffb183b2edeb9bbb0e81f49253905420adb70680518b033
SHA512

a19d79e6fc406e1b3fb4dbefea200f720bc13a5cb2d562d9cd5157fb9fa1aef98f2fdd3c201d46a24031e358cead8bb6410eacde3188adfb3b6a450cab1d2555
SSDEEP

768:9mVB2hcr+/d/IPVDHVAkTs4cWWWWK4b0:9muhu+1/IPVb4Nb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a52d6e1fb62de183027ed5c67eb9801

Files

3a52d6e1fb62de183027ed5c67eb9801
.dll windows:4 windows x86 arch:x86

27f67bf3a3705414427bdb31dd439b93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
GetProcAddress
LoadLibraryA
lstrcatA
lstrcpyA
GetModuleHandleA
GetModuleFileNameA
Sleep
GetCommandLineA

shell32

SHGetSpecialFolderPathA

msvcrt

exit
rand
strstr
memset
free
_initterm
malloc
_adjust_fdiv

Exports

Exports

??0CCBlackDll@@QAE@XZ
??4CCBlackDll@@QAEAAV0@ABV0@@Z
?b@@YAHXZ
?c@@YAHXZ
?fnCBlackDll@@YAHXZ
?fnReleaseDownloader@@YAHXZ
?fnView@@YAHK@Z
?nCBlackDll@@3HA

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 879B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ