57d384262633b90e484e19e5cee24aab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

57d384262633b90e484e19e5cee24aab
Size

35KB
MD5

57d384262633b90e484e19e5cee24aab
SHA1

552cde0522a2f469ee4c3878acdeef660627838b
SHA256

6be053d3a2429324998a8a633ce7d5e55ffdd425d36179338e03864558883fed
SHA512

8ba32c9d3078972696971e8b65f547533bf39e02980348299211a7583180da8ca2cb863f6b275bdb658ce0be625b304343e93ca7d5e3b73afd7d450fa1e84412
SSDEEP

768:hRDuHbFSy8Xfyr17w21Y2Eql/FvBYpXqifQEu7cQ//BFmU:ybFSqrxZEqllepXqioE7Q//CU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57d384262633b90e484e19e5cee24aab

Files

57d384262633b90e484e19e5cee24aab
.dll windows:4 windows x86 arch:x86

7040b2c0a187c3127bdccfb92e517366

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime
CloseDriver

shlwapi

SHDeleteEmptyKeyW
SHDeleteKeyA
SHDeleteValueA
SHEnumKeyExA
SHGetValueW

user32

wsprintfW

advapi32

GetUserNameW
RegCloseKey

kernel32

ResetEvent
ReleaseMutex
IsValidLocale
HeapAlloc
GlobalAlloc
GetUserDefaultLCID
GetProcessHeap
GetModuleFileNameA
HeapFree
IsValidCodePage
CloseHandle
Beep
BackupRead
BackupSeek
CancelIo
GetCurrentDirectoryA
GetWindowsDirectoryA
GetWindowsDirectoryW
GetDriveTypeA
SetCurrentDirectoryA
GetExitCodeProcess
OpenEventA
CreateFileMappingA
DeviceIoControl
DisconnectNamedPipe
DuplicateHandle
GetConsoleCP

msvcrt

malloc
free

ole32

OleUninitialize

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.udata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ