5300dc29615acc6e685b20fb565c6f4d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5300dc29615acc6e685b20fb565c6f4d
Size

9KB
MD5

5300dc29615acc6e685b20fb565c6f4d
SHA1

aae2f5fcd296a70240eb11e7ea8cc07ec435af64
SHA256

e9320783b916a2904f4178d4a051b187a30e9fc4d283177c1503935ccb31ee11
SHA512

0bbc9b5ac2d56240436c72bf3bf9250477d1c6f91ecdfba2b7da815e2b6879689b8b45c109d66755fd7c70da86ba65af35a68f77e3cc444b049e417dcd8ef034
SSDEEP

192:6aypygh2lXPA8PR1QaOVT6ETWiRTWbZwwNvwMM:6aAygwlfAQPOVRWiRTWbZwwNYMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5300dc29615acc6e685b20fb565c6f4d

Files

5300dc29615acc6e685b20fb565c6f4d
.dll windows:6 windows x86 arch:x86

d8d1997437e1dc99916ac8cfbb458cac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_except_handler4_common
_amsg_exit
_initterm
free
malloc
_XcptFilter
memset

user32

MessageBoxW
LoadStringW

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
DisableThreadLibraryCalls
InterlockedExchange

Exports

Exports

DllMain
EditAuditInfo
EditOwnerInfo
EditPermissionInfo
FMExtensionProcW
SedDiscretionaryAclEditor
SedSystemAclEditor
SedTakeOwnership

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ