4072fdba256785322a5abefa9a2f89e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4072fdba256785322a5abefa9a2f89e9
Size

9KB
MD5

4072fdba256785322a5abefa9a2f89e9
SHA1

de1a3e94587c196970f5431dd62003f8d72083c7
SHA256

cff4b853576cf639361034f0654648aae284e9bc64a8e718582a98237e739dca
SHA512

166a170d93f218521e93c7dff9dc05d77a3fe046028e83d900bebe5eac194da59a804964a14445c53afce5b1b7b7042bb82b8f027f84458ece92dd24fc9075f2
SSDEEP

192:6X+rnoWDa2WxJZCfL5NMvIsexbaYv4tol2KlivY824mVU0bNjhsrhL:sQnTyAD34UbaxVKlivB24KdbNjhs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4072fdba256785322a5abefa9a2f89e9

Files

4072fdba256785322a5abefa9a2f89e9
.dll windows:4 windows x86 arch:x86

39db42c7d42b3577dd5c6dfc17782f60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SendMessageA
SendDlgItemMessageA
GetWindowTextA
GetDlgItemTextA
GetClassNameA
EnumThreadWindows

kernel32

VirtualAlloc
Thread32Next
Thread32First
CloseHandle
CreateFileA
CreateThread
CreateToolhelp32Snapshot
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
ExitThread
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetDriveTypeA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetVolumeInformationA
IsBadReadPtr
LoadLibraryA
Sleep

advapi32

GetUserNameA
GetCurrentHwProfileA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 942B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 706B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ