91cb3641a6dc7c29319270f008121c4a6cd3ee0f8be2b70952ff6217d0c80b37 | Triage

Sharing

General

Target

91cb3641a6dc7c29319270f008121c4a6cd3ee0f8be2b70952ff6217d0c80b37
Size

2.4MB
MD5

60278c734d0e8005e0270d207d55d56d
SHA1

456c2f76b1715098edc0d2fd2ec012f3b05934d8
SHA256

91cb3641a6dc7c29319270f008121c4a6cd3ee0f8be2b70952ff6217d0c80b37
SHA512

e96c547b041ba68adba9ab69bfb711d280b4c47e186ed9d2248d862d138b656676fb4044737e60d661c7e2d8ecfc7fc838d490b03b5c3977119d64ec8a05f53c
SSDEEP

49152:opGqXghvaswB6Iasikhxo/BXsloRxF9Yie8Qa9hVp6R0h6Ndv6R:6ghyXlas9GXmohYik/6R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91cb3641a6dc7c29319270f008121c4a6cd3ee0f8be2b70952ff6217d0c80b37

Files

91cb3641a6dc7c29319270f008121c4a6cd3ee0f8be2b70952ff6217d0c80b37
.dll windows:5 windows x86 arch:x86

5c73131e6093f39d647b5b9f6dee25bb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetPriorityClipboardFormat

msvfw32

ICCompressorChoose

oleaut32

GetErrorInfo
SysAllocStringLen

ole32

RevokeDragDrop

kernel32

GetUserDefaultLangID
GetBinaryTypeA
GetTickCount
UnlockFile
GetModuleHandleA
GetModuleFileNameA
GetSystemTimeAsFileTime
MoveFileExA
VirtualAlloc
LeaveCriticalSection
GetProcessHeap

wininet

FindFirstUrlCacheEntryExW

advapi32

RegCloseKey

Exports

Exports

MnkOdefsdtfs

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 268KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ