57888d9d068c8f63dd1dff1bbc548ddf | Triage

Sharing

General

Target

57888d9d068c8f63dd1dff1bbc548ddf
Size

68KB
MD5

57888d9d068c8f63dd1dff1bbc548ddf
SHA1

00912c175dc53ae12a0813f2c0af487c53abdb23
SHA256

526160a5e4d3b4fa9a174d1912e9f5028cf4bad710215cea2a498bb8fbe9300a
SHA512

c3279de1a001ae2df499179e528944e3d335b79b84ad5b8c7d943a81169f0a7ec7fb77b203a4164d90044729058acf7d6a904ca6b82a5b8eb7cc0e9b18235358
SSDEEP

1536:iFzN559FOq3lXg/g9WCH2vjkU4KgFxKW5ZTL//NKPX2:gzPLXdZQkqQxKW5ZTL/lKPG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57888d9d068c8f63dd1dff1bbc548ddf

Files

57888d9d068c8f63dd1dff1bbc548ddf
.dll windows:4 windows x86 arch:x86

ed07c85613693a6fc23dd15c1255325a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_strcmpi

iphlpapi

GetAdaptersInfo

gdi32

BitBlt

user32

GetWindowRect

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE