7c2f6e8a1ebb04e964c4e240ce111645 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c2f6e8a1ebb04e964c4e240ce111645
Size

83KB
MD5

7c2f6e8a1ebb04e964c4e240ce111645
SHA1

f543ca7d39e9bc2f7e3e4a6708d3cdbf130ee1d8
SHA256

cd40e1388d30a34dc6b47697cac38597be961ef1ef071a3947a81d4890616897
SHA512

b30a1258ca526ff613d4cf2f712e9310ffdcd11d118a380b0a616a4c055c8fb65b3338df0c06cafaa7ae830a17da6b1aad26c758738683f2a0c5d77130b0b014
SSDEEP

1536:UHUO97Ch2l45gCwrulzkBIrIeDYDrst+tsOW8pUtt/3Mr0:yUvt5gVylxX9oUS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c2f6e8a1ebb04e964c4e240ce111645

Files

7c2f6e8a1ebb04e964c4e240ce111645
.dll windows:4 windows x86 arch:x86

ebafac331daa78bdbdc501f931a0bde3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

UnrealizeObject

Exports

Exports

CPlApplet

Sections

CODE
Size: 77KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE