d313b3a32a87d8fdcd1038ca320b8eff037463e3c596d56dfef4bf17641cc517 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d313b3a32a87d8fdcd1038ca320b8eff037463e3c596d56dfef4bf17641cc517
Size

40KB
MD5

bcb70606c42473900ffd9d26dd815925
SHA1

9fe1a9b8f1bec532f5db83e9502cfcd2061f01cc
SHA256

d313b3a32a87d8fdcd1038ca320b8eff037463e3c596d56dfef4bf17641cc517
SHA512

f8bc45b890b87ce4bcb2a401e68e2c41f378909853ce03045fe3525b6d96302abb59b8db9acb44cad17045becd608998dcd23fda71684c316a5586d485f2984f
SSDEEP

192:FtuE9LyaFyxKbNkv2L7hITiYbV6oI2KmdrcaP+gMuehI:FtL9Wa2w19YbVRIQrzmg0I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d313b3a32a87d8fdcd1038ca320b8eff037463e3c596d56dfef4bf17641cc517

Files

d313b3a32a87d8fdcd1038ca320b8eff037463e3c596d56dfef4bf17641cc517
.dll windows:4 windows x86 arch:x86

9e90163aa6c710cceabfe4f83cb165c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1168
ord1253
ord342
ord823
ord1182
ord825
ord699
ord772
ord397
ord500
ord800
ord912
ord538
ord5606
ord5860
ord4188
ord3663
ord2393
ord5440
ord6383
ord5450
ord6394
ord6142

msvcrt

__CxxFrameHandler
_purecall
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit

Exports

Exports

??0CdaStash@@QAE@XZ
??1CdaStash@@UAE@XZ
??_7CdaStash@@6B@
?Push@CdaStash@@QAEJIIJ@Z
?PushTick@CdaStash@@IAEJIIJ@Z
?PushTickList@CdaStash@@IAEJIIJ@Z
?Retrive@CdaStash@@QAEHAAI0JPAH@Z

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1018B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 753B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ