7dfdbd6bcbcf70b502f63a9c5e164b21 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7dfdbd6bcbcf70b502f63a9c5e164b21
Size

43KB
MD5

7dfdbd6bcbcf70b502f63a9c5e164b21
SHA1

fa5966311e1a46e5bc71237b40c93111279d2fce
SHA256

786dc596dfd1cada0b36421cdb64133955a3e16dd4955ee4fca6df9f02e67597
SHA512

d25ad6381e169f7d764f4c1626d2d6dd86eef34d0cc2591045d41ade86e031931aacff2452841a886d8453f76762420996363eff1234624f28fff3a27a6731b4
SSDEEP

768:z7EkuFxFrA7gMpAYtg3eJfunpWpewBNBaf6xiW6PLJth85HciU9:z7EkCFs7rp7g3sfucpnIQilyk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7dfdbd6bcbcf70b502f63a9c5e164b21

Files

7dfdbd6bcbcf70b502f63a9c5e164b21
.dll windows:5 windows x86 arch:x86

2a7e2418be8a09fc671a0ee84b34f19e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
VirtualFree
ExitProcess
lstrcmpiA
VirtualProtect
IsBadReadPtr
GetProcAddress
LoadLibraryA
CreateThread
GetModuleHandleA

user32

MessageBoxA
DefWindowProcA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
SendMessageA
KillTimer
GetMessageA
DispatchMessageA
TranslateMessage
SetTimer

Exports

Exports

func1
func2
start

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 838B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ