9c058dea0ddadafdbdb4ca95e07b3349 | Triage

Sharing

General

Target

9c058dea0ddadafdbdb4ca95e07b3349
Size

152KB
MD5

9c058dea0ddadafdbdb4ca95e07b3349
SHA1

850418e73dc17755b595adc08a331eec02e5fda2
SHA256

ba9079e467afd69aa21a3f214250a02e97b7bcfbeff0d77833528eb37054e77c
SHA512

851fc89db09c63b63bb7fb45dad163fff6558b5d266f2b2fd74bb72d80d12ecf8c8bff0445189d4d1833005bc3870817b87b7918c7900d90eff1c4946f0beef9
SSDEEP

3072:Paa+9vHrWJvYLgHTZwkVyc5uH7iriS5Go+99f+Y:PwRHrWOgzZwu95uHGF5f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c058dea0ddadafdbdb4ca95e07b3349

Files

9c058dea0ddadafdbdb4ca95e07b3349
.dll windows:4 windows x86 arch:x86

4376a796120a1e0470d0538bba455527

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EndUpdateResourceA
GetLongPathNameA
RegisterWaitForSingleObjectEx
ConnectNamedPipe
GetConsoleInputExeNameA
VirtualAllocEx
GetFileAttributesA
GetConsoleTitleA
WaitNamedPipeA
GetFileAttributesExA
RaiseException
LZSeek
UpdateResourceA
GetTapePosition
IsSystemResumeAutomatic
GetVersionExA
GlobalMemoryStatus
GetTickCount
LoadLibraryExA
ResetEvent
GetProcessId
GetCurrentThreadId
WriteConsoleInputA
SetEvent

wininet

InternetQueryDataAvailable
FtpRemoveDirectoryW
FtpSetCurrentDirectoryW
InternetGetConnectedStateExA
InternetCrackUrlA
InternetUnlockRequestFile
FtpSetCurrentDirectoryW
ResumeSuspendedDownload

Exports

Exports

Wlpbvvd
Armeywinp
CloseDsnvdne
Abbebfp
Ddobnmf
Yowsjprt
OpenLaywkxrh
InitXjvensi

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 140KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ