7e3f132a8e66bf92e494b28c0ce685c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7e3f132a8e66bf92e494b28c0ce685c5
Size

92KB
MD5

7e3f132a8e66bf92e494b28c0ce685c5
SHA1

5c6606814ed35d445eef1d0e7186c6d81b19565f
SHA256

54b398b0b3e2cfd974c1ea23cee82f991994463a9872083cc8b5f5c780e35ed2
SHA512

d57941b2f6d24ec932d562ca97075e4419845a5be8e777729eed5adde52f24a42270079e57bcba8f92b4fff8b62668436b1cf66b3ef415783ef793b4acfcdbd4
SSDEEP

1536:DA9HldcASs9RYbsxr7+eVQR23TmSIMFJoWNXkbY+3GqMxvlj1V0/:DAPHRYbsxn+eVXSSroWlGGRJW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e3f132a8e66bf92e494b28c0ce685c5

Files

7e3f132a8e66bf92e494b28c0ce685c5
.dll windows:4 windows x86 arch:x86

7a678abb8b5faaa95a2084d544f4483a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dencrapifier.pdb

Imports

user32

FindWindowA
DestroyWindow
DefWindowProcA
InvalidateRect
UpdateWindow
SetPropA
SetWindowLongA
GetWindowLongA
KillTimer

advapi32

OpenProcessToken
IsWellKnownSid
EqualDomainSid
OpenEventLogW
LookupAccountSidW
RevertToSelf
LookupAccountNameW
AdjustTokenPrivileges
AllocateAndInitializeSid
LookupPrivilegeValueW
ReadEventLogW
ImpersonateSelf
OpenThreadToken
CloseEventLog
CheckTokenMembership

Exports

Exports

yulvyki

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ