65b1e5d7ac9903814d9618c530d896d0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65b1e5d7ac9903814d9618c530d896d0
Size

221KB
MD5

65b1e5d7ac9903814d9618c530d896d0
SHA1

1db39d1e8f4fe625da6fb8f8d294eed177e19cdb
SHA256

8188199ab944521b2f4de241af2a2e4e641675160ad33b42f80eb0709567067a
SHA512

2de29c1aedfe85c224d07b47e3cc9b82d75a17c1405e6c99a90d23ab0c25db5b75c08a3f12a44238fdc9089406b42a77c089c9aad568da1e3f6cd58feaf8fd47
SSDEEP

6144:xWzAgsg4LyARRJ1rJnqF9jh77Ug83HxI2:xDgsgkRFJGhq3RI2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65b1e5d7ac9903814d9618c530d896d0

Files

65b1e5d7ac9903814d9618c530d896d0
.dll windows:5 windows x86 arch:x86

ce06ba204b10afe91cfe08ecf2843e37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryA
CopyFileExA
WriteFile
FatalExit
GetCPInfo
FlushFileBuffers
FreeResource
FindClose
GlobalFree
GetLocalTime
GetFileTime
ReadFile
ExitThread
DeleteFileA
FindAtomW
ExitProcess
GetFileType
AddAtomW
DeleteFileW
GetStdHandle
OpenFileMappingA
OpenFile
CopyFileExW
CopyFileA
DeleteAtom
GetPriorityClass
FindAtomA
GetLastError

advapi32

RegCreateKeyExA
RegQueryInfoKeyW
RegFlushKey
RegOpenKeyExA
RegLoadKeyA
RegQueryValueExA
RegReplaceKeyA
RegCreateKeyExW
RegQueryValueExW
RegGetKeySecurity
RegReplaceKeyW
RegQueryValueA
RegEnumKeyExW
RegQueryInfoKeyA
RegOpenKeyExW
RegEnumKeyW

Sections

.262b
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.daa4
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8gh6
Size: 181KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0ag92
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ