985956e44c7c3e5f2cad824344435f8d | Triage

Sharing

General

Target

985956e44c7c3e5f2cad824344435f8d
Size

27KB
MD5

985956e44c7c3e5f2cad824344435f8d
SHA1

86ba5fa2970bf7acd403e8d6853bd76bcd3a8930
SHA256

5d5fdde83aa6c99a40f7b894f8cb8c75cfaf136ef2eee65421e7a2697c5a6042
SHA512

2656a3e6f0c876138b50c2a8a5dd8a1a5efdd9db8cf7ce8a6b02a0d6bc64498bc81c4424d319aa8e763e3f8dbf46ed5b40bc11edd0a5a81983d9673931959499
SSDEEP

384:3gzeXvqOIZ/weBQ8Sc+G6Wyb0yCRR0G/btJMR9CHom4XtfFDT:3gze/Wn68Jc4boGztwCHYZJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
985956e44c7c3e5f2cad824344435f8d

Files

985956e44c7c3e5f2cad824344435f8d
.dll windows:5 windows x86 arch:x86

dfe51a695ebc38059ce285b41ca9b7a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetProcAddress
lstrcmpA
GetLogicalDrives
GetProcessHeap
GetSystemDirectoryA
lstrcatA
FindFirstFileA
GetLogicalDriveStringsA
GetTempFileNameA
LoadLibraryA
GetModuleFileNameA
FindNextFileA
GetModuleHandleA
lstrcpyA
GetFileSize
SetFilePointer
HeapAlloc
GetTickCount
ReadFile
FindClose
DeviceIoControl
DeleteFileA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
IsDebuggerPresent

user32

wsprintfA
CopyIcon
FindWindowA
LoadCursorA
GetWindowThreadProcessId

setupapi

SetupDiDestroyDeviceInfoList

Exports

Exports

Exbcute
SMsg

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 590B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ