1808-55-0x0000000000400000-0x0000000000433000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1808-55-0x0000000000400000-0x0000000000433000-memory.dmp
Size

204KB
MD5

1e3fa47ed36ff94bc1c5bb04791ff0bb
SHA1

464ad90f2462076c25e8f5db6f778ae7fab45bd9
SHA256

b58d9b5331db12fc893d70b1570ddcefbb514b98a2c5dd6dbb97a813a0e4e9ae
SHA512

0b10f2ef3d9a21a242030482d33c3fb83f972468bef7fc6d1ddc8266d80df52b0385c0f72614229ff4f6188880d61131b9c6b4a1983c5274c2eac465ea0faedb
SSDEEP

6144:LzyCvccyo7oWwUQiZzmeFHu9U1+tkfJKIm7alGUj88jW:HyCvcfo7oWwUQIzmeFHzgeKKlVjq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1808-55-0x0000000000400000-0x0000000000433000-memory.dmp

Files

1808-55-0x0000000000400000-0x0000000000433000-memory.dmp
.exe windows:4 windows x86 arch:x86

452fee793f249cf0e14caa20634f3fe0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetProcessHeaps
SetPriorityClass
GlobalFlags
SetHandleCount
WriteConsoleA

user32

CreatePopupMenu
GetClipboardOwner
TranslateAcceleratorA
GetKeyboardLayoutNameA
SwapMouseButton
LockWindowUpdate
InflateRect

gdi32

GetDeviceCaps
GetPolyFillMode
GetTextColor
CreatePolyPolygonRgn

Sections

.text
Size: 4KB - Virtual size: 973B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 594B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx0
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE