56414005a1ac5f6f40b0b89880f0813c | Triage

Sharing

General

Target

56414005a1ac5f6f40b0b89880f0813c
Size

49KB
MD5

56414005a1ac5f6f40b0b89880f0813c
SHA1

991e462204c758e54d55f312654341e412f94ec4
SHA256

91f3d87c2b2328e41001b16bf84bbc5f3dc281583a370a7659dddda3d01f0d1f
SHA512

8a0428f0feb7ce5748e13cd8754cb3fe8a6faf7613ba6707b722103526388f6ebb9a164915bf41004585540589878dc94734c6eeae816de8f7c3ef466d0b1257
SSDEEP

768:fRJXEnmnleSabxesmr4zko2oDlen/SBgjfzEMVfGzs9uRMCzTWo:fjXEm0SOEYg8gqUEMVeg0+kTWo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56414005a1ac5f6f40b0b89880f0813c

Files

56414005a1ac5f6f40b0b89880f0813c
.dll windows:4 windows x86 arch:x86

6926dcc975c04f0d6735c237fe973275

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mprgphk

ImmRequestMessageA
ILFindLastID
strncat
wcsncmp
ILGetNext
Control_RunDLLA
ImmSetConversionStatus
labs
_CIsqrt
CtfImmRestoreToolbarWnd
CtfAImmActivate
ImmGetConversionListA
memcpy
_wcsicmp
ILAppendID
ImmGetContext
CheckEscapesA
_alloca_probe

kernel32

ExitProcess
SetFirmwareEnvironmentVariableA
VirtualQuery
UnmapViewOfFile
CreateFileA
EnterCriticalSection
RtlZeroMemory
MapViewOfFile
GetFileTime
CreateThread
SetFilePointer
DeleteCriticalSection
GetCurrentProcess
WaitForMultipleObjects
LeaveCriticalSection
ReadFile
Sleep
InitializeCriticalSection
FileTimeToDosDateTime
CreateFileMappingA
CreateIoCompletionPort
WriteFile
CreateEventA
WaitNamedPipeA
ConnectNamedPipe

Exports

Exports

CreateProcessNotify
AtBrfpmp

Sections

.text
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ