a174c7586bccf0fc7462a5fa17d12f9b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a174c7586bccf0fc7462a5fa17d12f9b
Size

19KB
MD5

a174c7586bccf0fc7462a5fa17d12f9b
SHA1

ff8cf2fb7bfc89d47315cc6f66887da5c10325cb
SHA256

7a7564bbcb56bae083169aabbf7468f1ee961591dd02ffa6dd2e85776716638e
SHA512

ae0661f3337004f105ee03a30859595567c4bfdd4e4126107715982fd483ca874923bc2b2018ada8572e33aa45d9446042a419e60102d146b84a3c3b9718e2cb
SSDEEP

384:XEBd/1V/jeK+FuutnmeL67du7JyRwNaPg0Wr6WO9Ju:XEBp1V/oFDFm86AQqp9F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a174c7586bccf0fc7462a5fa17d12f9b

Files

a174c7586bccf0fc7462a5fa17d12f9b
.dll windows:4 windows x86 arch:x86

e901e364dfbc969ebc278ba62e4bf7eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

RtlImageNtHeader
strchr
_stricmp
ZwOpenEvent
atoi
sprintf
_snprintf
strncmp
_chkstk
memcpy

msvcrt

realloc
free
strtok
malloc

kernel32

VirtualAlloc
LoadLibraryA
InterlockedExchange
GetProcAddress
LocalAlloc
GetVolumeInformationA
GetLocaleInfoA
CreateThread
GetTempPathA
CloseHandle
OutputDebugStringA
VirtualProtect
Sleep
MoveFileExA
FreeLibrary
WaitForSingleObject
SetEvent
GetLastError
LoadLibraryExA
GetTempFileNameA
GetModuleFileNameA
GetModuleHandleA
RaiseException

Sections

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ