984b9af373bb23b9deb5e9e2bede2cd4 | Triage

Sharing

General

Target

984b9af373bb23b9deb5e9e2bede2cd4
Size

32KB
MD5

984b9af373bb23b9deb5e9e2bede2cd4
SHA1

848676802c40a530f0a0b42fe5049c5addbd6d34
SHA256

66a618de70df835ba5d57cc45362bfbc17e593a407250657455485b141f365fc
SHA512

e82c8cc86efc57f8ccf419920bc9cd4d2c80108e736bdc25e1f48b606d3c3282ddfa2f905845420d6f4517f61f7709d6d9ebeec1175028dd059f56601032e88b
SSDEEP

384:gA+oo2lFJmH/6rgaOWJIw/ACHe+6MgJxfE7jaKdwiAjr0:Z+eAmHO+FACH087ja/iAX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
984b9af373bb23b9deb5e9e2bede2cd4

Files

984b9af373bb23b9deb5e9e2bede2cd4
.dll windows:4 windows x86 arch:x86

9b276c608977c0294204fffc97e868c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
DisableThreadLibraryCalls
VirtualProtect
Sleep
VirtualAlloc
ReadProcessMemory
GetCurrentProcess
WriteProcessMemory

user32

MessageBoxA
RegisterClassExA
LoadIconA
CreateWindowExA
GetClientRect
BeginPaint
DefWindowProcA
FindWindowA
wsprintfA
SendMessageA
MessageBeep
keybd_event
MapVirtualKeyA
GetForegroundWindow
TranslateMessage
TranslateAcceleratorA
DispatchMessageA
GetMessageA
FindWindowExA

Exports

Exports

GetAuditionHwnd
ScanAudition

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ