4181bb84a50bcde14ebf841cdeaa314d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4181bb84a50bcde14ebf841cdeaa314d
Size

94KB
MD5

4181bb84a50bcde14ebf841cdeaa314d
SHA1

dc49d4f6d5ea15ea1025943b914ec7a9c2c5251f
SHA256

7e965e5d7ca5083ba506a3b13de82e4cf61f005fb366926aa8c728e7832de5b7
SHA512

a30aa7dc1f35ddb1859506d6302eddf614b379cdbc8491e0564790fc143e6b4b1d39e3bf0ad2f4e863c84904dd73c69bd0720210cdf679ed84c1b607b17444cf
SSDEEP

1536:zCW0amJodIe7cPNunN7tyBhZyIp8SjfC+9jHa8vC3hQkDS8rAJJoFQQ8pbKh6YGn:l0xJ0HiNM72hZaSD7j68vC3mkDN0rw6f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4181bb84a50bcde14ebf841cdeaa314d

Files

4181bb84a50bcde14ebf841cdeaa314d
.dll windows:4 windows x86 arch:x86

91ff0f26d552b339da14de741e8a1581

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CompareStringA
ExitProcess
GetPrivateProfileStringA
GetVersionExA
InitializeCriticalSection
lstrcmpiA
lstrcpynA

Sections

.sforce3
Size: 26KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brick
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ