655a4bf14e5450affc562e07fb2c38ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

655a4bf14e5450affc562e07fb2c38ca
Size

55KB
MD5

655a4bf14e5450affc562e07fb2c38ca
SHA1

08c382d6f3dddd0773cbb856e080e97f79c53c57
SHA256

135b252133af1eab0ff11693281a8b527ddde30c14b47c012c3b3e7c9fb753ae
SHA512

fc6e707326c15575f3f4447c78747f36bcd665d77e756b3cccb848e2d65497f493c55435058bcb40ef89a886461065cbf3c7628a68c85214a11f0917c8fd7def
SSDEEP

768:nCK5pbbM7pN8+QRCj8LUfjFVRFQF6ACVmr+7u+mGfIeCZj/+K6PNX5KCzXuigzhX:nTnM7Eb+Ll7HHfHCZj//6PXKoqxMcTh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
655a4bf14e5450affc562e07fb2c38ca

Files

655a4bf14e5450affc562e07fb2c38ca
.dll windows:4 windows x86 arch:x86

38f76f5d9bc0f575fc0e873af59a52ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RequestDeviceWakeup
FindClose
EnumSystemLocalesA
LockFile
GetConsoleInputWaitHandle
GetConsoleFontSize
ReadConsoleInputA
IsValidLanguageGroup
GetEnvironmentStrings
GlobalSize
LockResource
VDMOperationStarted
GetDevicePowerState
GetCommMask
GetCommandLineA
ExitProcess
GetStartupInfoA
GetConsoleAliasExesLengthA
GetNumberFormatA
SetTermsrvAppInstallMode
FatalAppExitA
GetExitCodeProcess
WritePrivateProfileStringA
GetTapeParameters
BuildCommDCBA
FindVolumeMountPointClose
ReadFileScatter
LockResource
SearchPathA
FillConsoleOutputCharacterA
GlobalUnWire
WaitNamedPipeA

Sections

ATSEC0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ATSEC1
Size: - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ATSEC2
Size: 47KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ