71f0d82b6992a998be730de35f9e22b3 | Triage

Sharing

General

Target

71f0d82b6992a998be730de35f9e22b3
Size

20KB
MD5

71f0d82b6992a998be730de35f9e22b3
SHA1

5a9c80a20263375f86ba144ae605e7c1a8490a96
SHA256

7b15f51b5d99548ac216d5e9304eef1444ad20f2cba84c0c33d68a8cde911ef0
SHA512

f2f2f87de1c94b7a21a9e1f19855d55c7289e9efb62096c90cd12b10a2b3632d389b19e2f3ec99642d4f67b01ca7f660c27db3612c381338900941de3747cc59
SSDEEP

384:qMhZc08x8cPaxC02rKn5+BplUf1+s1hVQKOKlt:qkZc0K8cxvcfhGKl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71f0d82b6992a998be730de35f9e22b3

Files

71f0d82b6992a998be730de35f9e22b3
.dll windows:4 windows x86 arch:x86

e65f9e418a3637c27c117b2404c9e371

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
HeapFree
GlobalAlloc
WideCharToMultiByte
VirtualFreeEx
CreateEventA
GetFileAttributesW
lstrcatA
MultiByteToWideChar
GetTempPathW
GetProcAddress
GlobalFree
LoadLibraryA
OpenEventA
GetModuleHandleA
lstrcatW
CloseHandle
lstrcpyW
SetFilePointer
ReadFile
WriteFile
RtlUnwind
lstrcmpA
lstrcpyA
CreateFileA

user32

EndPaint
DestroyWindow
GetWindowRect
GetFocus
wsprintfA
GetClientRect
SendMessageA
RegisterWindowMessageA
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
CreateWindowExW
IsWindowVisible
SetWindowTextA
EnableWindow
CallWindowProcA
SetDlgItemTextA
wsprintfW

advapi32

RegQueryValueExA
RegCloseKey

Exports

Exports

cool
feed
plem

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ