4e471f74ae773dd5e6bbbf1d78e5d60f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e471f74ae773dd5e6bbbf1d78e5d60f
Size

72KB
MD5

4e471f74ae773dd5e6bbbf1d78e5d60f
SHA1

d4aceb2aa694f369a826b2de6321789a95ada378
SHA256

f058a7f2412229669fdfa88dd78c746461debc8fb1c72abc0f3098d96f61ef0b
SHA512

89c197e1bfc0289a634874590f0ae0e98f71080cfeb2215e7099f8f6e71c74d93011e922fd28b00e8e2125a35830eded23e07c1dcb8e081816ed859be5a55e47
SSDEEP

1536:o5vLpaTe8GHgx+cUnh4AAex4UDKrpibMRIRj5zPGRlQ7EkcDItyATjIa:qqwHhvn4eFKSMRIRliQ7YIwA3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e471f74ae773dd5e6bbbf1d78e5d60f

Files

4e471f74ae773dd5e6bbbf1d78e5d60f
.dll windows:4 windows x86 arch:x86

8f833bbf0a57a77420c1509aaadfa919

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

RtlxUnicodeStringToAnsiSize
RtlAreAllAccessesGranted
RtlOemToUnicodeN
FsRtlLookupLargeMcbEntry
KeTickCount

Sections

.data
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ