85d03aab474fdd3a7dbbc5586e021d5a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85d03aab474fdd3a7dbbc5586e021d5a
Size

218KB
MD5

85d03aab474fdd3a7dbbc5586e021d5a
SHA1

850d937d24a042668ce2dae652d89adfab8dd284
SHA256

75e97d8d16dfa125bdc257737d097a3a81b0b0c89be7dbf062c6b700717f7e6e
SHA512

314ce73f33e36f33f0551922638b28b758883a6077966146ce7999da84077a30c612d1f6ad5776d4cf6f2abbba5f4f28d8eb7dbbface7d64319492979983af74
SSDEEP

3072:sZ45KARYTzyn1K63Hz19s6PdrOFsMp+CvinRevNBjR8m:8418w1K63zjdhosm+OvPCm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85d03aab474fdd3a7dbbc5586e021d5a

Files

85d03aab474fdd3a7dbbc5586e021d5a
.dll windows:4 windows x86 arch:x86

a624d666a9d36a4ee21f75e410af7f84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

OleCreateStaticFromData
CreateBindCtx
OleRegGetUserType

shell32

SHFileOperationA

comdlg32

ChooseColorA
GetFileTitleA
FindTextA

oleaut32

VariantChangeType
SysAllocStringLen
GetErrorInfo
SafeArrayCreate
VariantCopyInd
SafeArrayGetElement
SafeArrayGetUBound
OleLoadPicture
SafeArrayPtrOfIndex

comctl32

ImageList_DrawEx
ImageList_DragShowNolock

version

VerQueryValueA

advapi32

RegDeleteKeyA

user32

IsWindowVisible
SetPropA
GetSysColor
GetActiveWindow

kernel32

GetVersionExA
VirtualAllocEx
ExitProcess
GetModuleHandleA
GetProcAddress
GetCommandLineA
ExitThread

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ