a097bf8583bf789c1af9aeb596f380a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a097bf8583bf789c1af9aeb596f380a1
Size

2KB
MD5

a097bf8583bf789c1af9aeb596f380a1
SHA1

e783c8fbb3fd2d9afd0a13a254e9aad952caa0b0
SHA256

13a7e8caa9b5439c1e8f48d943a1c850ea4f396ff40fb819a6aa84fea5a60483
SHA512

409476cc92b49e0c59edcd68ceee1e9f93b51534ff2463458e1a2e08f91729c13b741f38cd55cb12e2157c234a60a41c7f7263d218d1f1a770e92a6599e151dc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a097bf8583bf789c1af9aeb596f380a1

Files

a097bf8583bf789c1af9aeb596f380a1
.dll windows:1 windows x86 arch:x86

6fc39f96f87c766adf5446f89fdc6166

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
FindFirstFileA
GetLocalTime
GetSystemDirectoryA
GlobalFree
Sleep
VirtualAlloc
VirtualFree
WriteFile
lstrcatA

ntdll

ZwShutdownSystem
RtlAdjustPrivilege

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyA
RegSetValueExA

Exports

Exports

install
on_load

Sections

.flat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 54B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE