9b1db83e44626f4681bc4aafee7e836d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9b1db83e44626f4681bc4aafee7e836d
Size

91KB
MD5

9b1db83e44626f4681bc4aafee7e836d
SHA1

122d92ca189c2c139b805fdd3f79ba716bb3920c
SHA256

22b6a37357bbe758e479c4149f2b12765031942435f514e24164f80214e9cfbc
SHA512

3554c35293e38b9ffe1db96905587093dcdcd14a6d9b1bd48e0ff5f6d360b6ed373631cb23ac442343f0871926df3d98b128f2c9a5185044924166793980ac97
SSDEEP

1536:YtLsZoaL1ioy22rGXMY691ULVmX2WJO0XeuSAsUcXtVbklM9snf1L3ul2/6gpw:YtLYoaZi4yGXMNQU2aOseuSZUPP8mT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b1db83e44626f4681bc4aafee7e836d

Files

9b1db83e44626f4681bc4aafee7e836d
.dll windows:4 windows x86 arch:x86

4c47934c78db5631ba821498c2a0a0a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
MapViewOfFile
RaiseException
RtlUnwind
SetEndOfFile
VirtualAlloc
WriteFile
lstrcmpA
lstrcpyA
lstrcpynA

Sections

.text
Size: 24KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ