33b43426746b8a6b4016c8b2e62dee59fbc7db09b4ab3c47cc4711a9d5506195 | Triage

Sharing

General

Target

33b43426746b8a6b4016c8b2e62dee59fbc7db09b4ab3c47cc4711a9d5506195
Size

188KB
MD5

08758749c59bf0c951d38d5256dfb28f
SHA1

ef5f816f23c64d61d6f76765163b2abd262a8258
SHA256

33b43426746b8a6b4016c8b2e62dee59fbc7db09b4ab3c47cc4711a9d5506195
SHA512

4f2616eefbffe10241f169e5fa552748c2d9126e04006fe15a472306dcd15a74a75dd649e030c60a1814712ea3eec2eae8f7be6365fe95a09cb220c81bf90c2b
SSDEEP

3072:v6yaqXFrEQUu1L3Khnx0quKiHlaeqP3ssWPTRX3fW8363nHaDaI+XB:v0qX6u1LaVjOk8TW8Da

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33b43426746b8a6b4016c8b2e62dee59fbc7db09b4ab3c47cc4711a9d5506195

Files

33b43426746b8a6b4016c8b2e62dee59fbc7db09b4ab3c47cc4711a9d5506195
.dll windows:5 windows x86 arch:x86

421eddade4a7740c852f0d30032122f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

CommDlgExtendedError

advapi32

RegLoadAppKeyW
GetSidIdentifierAuthority
OpenServiceA

setupapi

SetupDiDeleteDeviceInterfaceData
SetupDiSetSelectedDevice

kernel32

GetModuleHandleA
GetComputerNameA
GetProcessId
CloseHandle
LoadLibraryExA
LoadLibraryW
OutputDebugStringA
LoadLibraryA

iphlpapi

NotifyAddrChange

winmm

mmioSeek
timeKillEvent

ole32

CoGetInterfaceAndReleaseStream

user32

SwapMouseButton
TranslateMessage
CreateDialogIndirectParamA

shlwapi

PathSearchAndQualifyW
StrDupA

oleaut32

SysReAllocString

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00wwO
Size: 124KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 456B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ