8715fc977701f2a2f297192a1c77cd91 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8715fc977701f2a2f297192a1c77cd91
Size

4KB
MD5

8715fc977701f2a2f297192a1c77cd91
SHA1

7f17e55f1de8f6806269fce12cda12bb486e3591
SHA256

c7d07d853659ca6a960f36f275dfbbb35d6ec5addab01b1044c16bb1956621bf
SHA512

f8a32a791173971954d96e440d7ca7e69b4b191c7dd194ed5be8dffcd35af1b62103d7901238e7f21c17c7d4198b56e10f03dec95611e83f293fcbdf0eb5c0fe
SSDEEP

48:SegcXgjhUFYwM78qPWpz5tjLFUrCI9v6CR:nVXg9UyUuWpz7jLFyCI9iC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8715fc977701f2a2f297192a1c77cd91

Files

8715fc977701f2a2f297192a1c77cd91
.dll windows:5 windows x86 arch:x86

815eb2b235f7817f320565c5ae0041fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
VirtualAlloc
GetFileSize
CreateFileW
lstrcatW
GetTempPathW
DebugBreak
IsDebuggerPresent

pdh

PdhGetLogFileSize
PdhLookupPerfNameByIndexA
PdhParseCounterPathW

urlmon

URLOpenStreamW
CoInternetCompareUrl
RegisterMediaTypes
UrlMkSetSessionOption
GetClassFileOrMime
CoInternetParseUrl
HlinkNavigateString

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupSetDirectoryIdA
SetupDiGetDeviceInstanceIdW
SetupRemoveSectionFromDiskSpaceListA
SetupDiClassGuidsFromNameA
SetupQuerySourceListA

loadperf

LoadPerfCounterTextStringsA
UnloadPerfCounterTextStringsA

rtm

RtmGetNetworkCount
RtmAddRoute
RtmRegisterClient
RtmCloseEnumerationHandle

Exports

Exports

Hkcoedclxfkckdl

Sections

.text
Size: 1024B - Virtual size: 746B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ