47661ffcc55527518a56ea349569348a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47661ffcc55527518a56ea349569348a
Size

92KB
MD5

47661ffcc55527518a56ea349569348a
SHA1

df5b123270bf321d3cc55164a22569dfab8d283f
SHA256

e9c1a62ab1b2a37aed86f88e3e42cf42d3de2aacb9e9974dd9fc018990f9e7f4
SHA512

1f4af731686098d24b8d416389979a06d7b48fd533fb46577efd77fceec2f38f2fd54eb860ad51b178d8e58324197c18f7db8b51aadafcd92fb1b14a15f286d1
SSDEEP

1536:9RxKpsAUV/91ZBzIO2KEeB6h7X/lFjt9TayBJY5luQ7jRRICbbQHTU:0Up99p2KEeB6plFjtkyM7/YCbb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47661ffcc55527518a56ea349569348a

Files

47661ffcc55527518a56ea349569348a
.dll windows:4 windows x86 arch:x86

0e8768bdc19aff5258193eca2035fc64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ReadFile
CreateFileA
Sleep
OutputDebugStringA
GetLastError
WriteFile
GetModuleFileNameA
GetModuleHandleA
GetTickCount
LockResource
LoadResource
SizeofResource
FindResourceA
CreateThread
WaitForSingleObject
CreateEventA
DisconnectNamedPipe
FlushFileBuffers
ExitProcess
GetOverlappedResult

user32

MessageBoxA

msvcrt

_strnicmp
_stricmp
malloc
free
sprintf
_splitpath
_initterm
_adjust_fdiv

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ