a382aa54b2edf1ac3c3aaccc6122327c5bb85f61f854bf83f8332805fec9be2e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a382aa54b2edf1ac3c3aaccc6122327c5bb85f61f854bf83f8332805fec9be2e
Size

184KB
MD5

073e3068cf5a478c9aaec9d2d7b39d2a
SHA1

826b2dd45b3a2c2e2ef0476099b897ae05cd7b9e
SHA256

a382aa54b2edf1ac3c3aaccc6122327c5bb85f61f854bf83f8332805fec9be2e
SHA512

6f4752060138cdcbdb80524d848f3faf79f1f9c67316378ea272dcb4bb7e0fc9f16ac800889bc4ef596a7445c8926dd93c4a778f4f5cc49c1f20483012a16142
SSDEEP

3072:YZ/Aq5HJv6rBXHdH1iF3P74buGdSg4GeLfqMsnwXB:YbRQBXHtq3PUbt3te7Bsn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a382aa54b2edf1ac3c3aaccc6122327c5bb85f61f854bf83f8332805fec9be2e

Files

a382aa54b2edf1ac3c3aaccc6122327c5bb85f61f854bf83f8332805fec9be2e
.dll windows:5 windows x86 arch:x86

296c5ce0ec7abebda668048df2df9b05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
LoadLibraryExA
LoadLibraryA
LoadLibraryW
CloseHandle
GetModuleHandleA
GetComputerNameA
GetProcessId

shlwapi

PathSearchAndQualifyW
StrDupA

advapi32

RegLoadAppKeyW
GetSidIdentifierAuthority
OpenServiceA

winmm

timeKillEvent
mmioSeek

iphlpapi

NotifyAddrChange

ole32

CoGetInterfaceAndReleaseStream

setupapi

SetupDiDeleteDeviceInterfaceData
SetupDiSetSelectedDevice

user32

CreateDialogIndirectParamA
TranslateMessage
SwapMouseButton

comdlg32

CommDlgExtendedError

oleaut32

SysReAllocString

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00wwO
Size: 120KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ