7dbf755d0144e94e086045e47bcaf6e6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7dbf755d0144e94e086045e47bcaf6e6
Size

20KB
MD5

7dbf755d0144e94e086045e47bcaf6e6
SHA1

93e62f71d8c2da4642822b6cd042e62979d4c9cf
SHA256

c631e2eedc3754e3cc09195f3341f9fc347fc2aef567525a66f68776aab9b643
SHA512

b16f5375bb4afd3273589d4ea7496a2408086690842a1321a80c7c0711b7e1330521e560389877b88d0d8a2d93bb72fbd12d0a9d9738715ec2cba524bcd47a98
SSDEEP

96:cSmfgUnKNRKQZctl22Kejqgi1yH3XNjepCQixKkiD1RghRc:cXVgRKQ+v22KejqEHBOCQLkZrc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7dbf755d0144e94e086045e47bcaf6e6

Files

7dbf755d0144e94e086045e47bcaf6e6
.dll windows:4 windows x86 arch:x86

64399ae3229d6e944def62a176ad6527

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
Sleep

user32

wsprintfA
wvsprintfA

wsock32

WSACleanup
WSAStartup
ntohs
gethostbyname
gethostname
closesocket
getsockname
listen
bind
htons
setsockopt
socket
ioctlsocket
accept
select
connect
ntohl
recv
send
htonl

Exports

Exports

InstallPlugin
PluginVersion
TerminatePlugin

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 557B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ