55f885b7ecc9fe521c0f3030a8bda41f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55f885b7ecc9fe521c0f3030a8bda41f
Size

10.0MB
MD5

55f885b7ecc9fe521c0f3030a8bda41f
SHA1

d5e44c958a3dbe62f20fdd941444d66dd9188004
SHA256

b6c5f15b9ab4d7a10c54baa2368f6c46e2c752d8f37945d9302ee36909d05ac3
SHA512

9f4b76a608379b557d25280365c5cc0eda9ed6f207eead96ea7b4c2e125aa0f5b62c17dd1b910a1ebb9e258dedf893566e39ccff370c848444db994560d648ee
SSDEEP

12288:px1Yhmfaa/lRMxerSayehdHVGFlSyhUcTm8i1aWjDcT8:318mfnJrSadGF604

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55f885b7ecc9fe521c0f3030a8bda41f

Files

55f885b7ecc9fe521c0f3030a8bda41f
.dll windows:1 windows x86 arch:x86

692ffe61d9a632969c7687a30cb189cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect

user32

CreateWindowExA
DefWindowProcA
RegisterClassA
SendMessageA

advapi32

CryptAcquireContextA
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptReleaseContext

crypt32

CryptStringToBinaryA

Exports

Exports

AppCleanup
capCreateCaptureWindowA
capCreateCaptureWindowW
capGetDriverDescriptionA
capGetDriverDescriptionW
videoThunk32

Sections

.code
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 235B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 894B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ