97467d5960898aa6f529bcad409ea95c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97467d5960898aa6f529bcad409ea95c
Size

1.5MB
MD5

97467d5960898aa6f529bcad409ea95c
SHA1

e4056815e4864c84df78ebbbb60678f20f716d1b
SHA256

c6d312bd827b094b2545e08b99c3c036947b187a25672d29cc87ebeb0599ba2a
SHA512

085d579e07bbb2a64105f0e84e8f77fed829ee5471ffa4a164f276b5ac1439e72a364e0fbf603305a2ae5b8911fa9c860071e7fd3db543d7aac2602eafd5a035
SSDEEP

3072:uMvvo8gaaP3ZoYzRCaaofztzojjHLylz1+WV9vlmJIWFN:ubaEo1jryzOJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97467d5960898aa6f529bcad409ea95c

Files

97467d5960898aa6f529bcad409ea95c
.dll windows:4 windows x86 arch:x86

0bdab82a9eed916d0ff55d4b8b2ff52d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateThread
FindClose
FreeLibrary
GetEnvironmentVariableA
GetFileSize
GetLastError
GetLocalTime
GetPrivateProfileStringA
GetProcAddress
GetStartupInfoA
GlobalAlloc
GlobalLock
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
RaiseException
ReadFile
SetLastError
Sleep
TerminateThread
VirtualAlloc
WaitForSingleObject
lstrcmpA
lstrcpyA
lstrlenA

user32

CallWindowProcW
DispatchMessageW
EnableMenuItem
EndPaint
GetLastActivePopup
GetMenuItemInfoW
InsertMenuItemW
InsertMenuW
InvalidateRect
IsIconic
IsWindowEnabled
LoadImageW
MessageBoxA
PeekMessageW
SendNotifyMessageW
SetMenuItemInfoW
WaitMessage

Exports

Exports

SfcGetFiles

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ