7bbba63b68ec5ebf4cb867174a11772b | Triage

Sharing

General

Target

7bbba63b68ec5ebf4cb867174a11772b
Size

100KB
MD5

7bbba63b68ec5ebf4cb867174a11772b
SHA1

4c2c975d86fc27925f9620cae1326459f8f0cd20
SHA256

beddd70b6ce9b8e25d46f49f9590c239e37ac4f1981504b0d7b75691ea46eaa6
SHA512

26f62961bb894a6ff1082b5d5a55582596b0fff0ad497ec78807bc41c7d35cf4749893438d67883f448af421ea545cd08c0668a5846479342add8984ef05e6c5
SSDEEP

1536:b2Q8PiCWvC6kFO4drPgEUuEltkoCWhS0mAy3WoBTCczKie+9jGZa7yVgKTiOahdZ:72K6P7heuEltZpA2yGcCY1etZxVlm/Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7bbba63b68ec5ebf4cb867174a11772b

Files

7bbba63b68ec5ebf4cb867174a11772b
.dll windows:4 windows x86 arch:x86

ca38ce50d59aa77a503e62c3c835f30c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetPropA

advapi32

RegQueryValueExW

odbc32

ord36

netapi32

NetRemoteTOD

mpr

WNetGetLastErrorA

comctl32

ord17

wsock32

select

gdi32

GetClipBox

winspool.drv

OpenPrinterA

comdlg32

GetFileTitleA

Exports

Exports

RtlPropertyToVar

Sections

.text
Size: 94KB - Virtual size: 896KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE