4505a6c6db16aa1e3e0fe91927e56da4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4505a6c6db16aa1e3e0fe91927e56da4
Size

152KB
MD5

4505a6c6db16aa1e3e0fe91927e56da4
SHA1

5cd9819b459cd9e65b3e9500bdd51a2b0a504333
SHA256

252cee3d4854a60492b9963319c417d99597bb37261b01d31bb16b70e79c7052
SHA512

19146fee124ac7d1ca9146a5f2f1f8fe48de218da18f644d8274b23f4c6197f8ddfd380222a485b897d3459efa73d0f58da2b6633cf975733c67e15e2c711e33
SSDEEP

3072:SWYQCSu5rKP4MNoel9TOwShULEuYMDzs/ZgQyYIb1T/o:SA5u5rqTClUIua/9w/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4505a6c6db16aa1e3e0fe91927e56da4

Files

4505a6c6db16aa1e3e0fe91927e56da4
.dll windows:4 windows x86 arch:x86

44dbb63847183a3f7c379297d8d7ddf2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
CommDlgExtendedError

kernel32

GetModuleHandleW
FindClose
FindNextFileA
GetStringTypeW
FindFirstFileA
EnumResourceLanguagesA
WideCharToMultiByte
ReadFile
WriteFile
SetFilePointer
GlobalHandle
IsDBCSLeadByte
GetModuleHandleA
VirtualProtect
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
GetModuleHandleW
CreateProcessA
GetTempFileNameA
HeapFree
HeapAlloc
LoadLibraryW
InterlockedExchange
Sleep

oleaut32

DispGetIDsOfNames
CreateErrorInfo
OleCreateFontIndirect
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 107KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ