7ad6cf9bba8fc2bb94e97ee2ecdac4a4 | Triage

Sharing

General

Target

7ad6cf9bba8fc2bb94e97ee2ecdac4a4
Size

11KB
MD5

7ad6cf9bba8fc2bb94e97ee2ecdac4a4
SHA1

b91d01e76bab01d14e68d5af1d71e76a6b321c32
SHA256

b8e026f99db18b87d61bd538346a27cdaab9c4f719f094d3e25189fe1f70cac7
SHA512

b23e21d2e1b51396a1f2b8bbf5c946237204c05c5ac741984c545b2c74c486669e97955bfa02437fc729f05b4437d3b2bcfc34ab50302433d566b37f9d17dff3
SSDEEP

192:2RphXNj+EKxDT6bZPHFfSyoIK/MPbNvW9pcEQ:2R7kB1uZtKHIK/MPbNvWvcEQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ad6cf9bba8fc2bb94e97ee2ecdac4a4

Files

7ad6cf9bba8fc2bb94e97ee2ecdac4a4
.dll windows:4 windows x86 arch:x86

043102dec98ae30597b0828656b43775

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitThread
FileTimeToSystemTime
GetCurrentProcess
GetCurrentProcessId
GetDriveTypeA
GetFileAttributesA
GetFileTime
GetModuleFileNameA
GetModuleHandleA
EnumResourceTypesA
GetWindowsDirectoryA
LoadLibraryA
Sleep
SystemTimeToTzSpecificLocalTime
Thread32First
Thread32Next
VirtualAlloc
VirtualProtect
DeviceIoControl
DisableThreadLibraryCalls
DeleteFileA
CreateToolhelp32Snapshot
CreateThread
CreateFileA
GetProcAddress
CloseHandle

user32

SendDlgItemMessageA
MessageBoxA
GetWindowTextA
GetDlgItem
GetDC
GetClassNameA
EnumThreadWindows
GetDlgItemTextA
SendMessageA

advapi32

GetCurrentHwProfileA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
GetUserNameA

gdi32

GetPixel

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 882B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ