99b5503c46e3310a9a0d88c200b8f485 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

99b5503c46e3310a9a0d88c200b8f485
Size

98KB
MD5

99b5503c46e3310a9a0d88c200b8f485
SHA1

7f787d9ea9913dd95a4b57b1eefdf685528435f0
SHA256

8d1f557f2d6884b45fea922c5fafe0f6979856349ce004a7ee7d2278267a531f
SHA512

559d0c49be44e533680988d3688910731e9c416d880eb2630f211974a7a092d32b5c68033b93b49ecf736d618a37beaad836660e82be79b77fd7e84bceec85d3
SSDEEP

3072:Cadg4HBpIjLhiZ/OsQNJU85YKe/lxDPouWx/tO3ng9jJ:Xdgo+4UJ5heHoNanC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99b5503c46e3310a9a0d88c200b8f485

Files

99b5503c46e3310a9a0d88c200b8f485
.dll windows:4 windows x86 arch:x86

ee6f83f16c8e4cba8f886ef6dbef2590

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ToAscii
RegisterClassW
OffsetRect
MessageBoxW
MessageBoxIndirectW
FillRect
DispatchMessageW

kernel32

InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
RtlUnwind
LoadLibraryW
HeapFree
GetVersionExW
WriteConsoleW
ExitProcess
GetExitCodeProcess
TlsGetValue

advapi32

RegSetValueExW
RegEnumValueW

comdlg32

GetOpenFileNameW
GetFileTitleW

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ