542573f8ad69e30e006e5fb4d4c92b88 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

542573f8ad69e30e006e5fb4d4c92b88
Size

6KB
MD5

542573f8ad69e30e006e5fb4d4c92b88
SHA1

b49b0ca6609f82b59f8816360ac3b2a645cce40a
SHA256

127a24aef796a92b278d06f6eefa1240ce38e07709f3509ca3be11aedf07cdd5
SHA512

1683a57ca76391f81c532a62ed0a060be673b977c19be8fec08b949c3e453e1f6e2076f3b851dcb70e34e9693ed95c01c075e825cc3237a687890da3da712bc6
SSDEEP

48:aGy7MN4cpSGAXbIni1kvNs6ztutiKIZWiwQTnU5WwG2QozbC:xB4c4G6bn1k1sw0EW3enIWwGqb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
542573f8ad69e30e006e5fb4d4c92b88

Files

542573f8ad69e30e006e5fb4d4c92b88
.dll windows:5 windows x86 arch:x86

5fff0a73b4734f42a651e889856c031e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GdiGradientFill
GetObjectType
GetCurrentObject
GetObjectA
GetDeviceCaps
GdiAlphaBlend
GdiTransparentBlt

kernel32

SetLastError
DisableThreadLibraryCalls
GetVersionExA
FreeLibrary

Exports

Exports

AlphaBlend
DllInitialize
GradientFill
TransparentBlt
vSetDdrawflag

Sections

.text
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.texc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE