a54302b0bf056c65deb759122f71e757b11155d82e648f9e206dab91aab44bd4 | Triage

Sharing

General

Target

a54302b0bf056c65deb759122f71e757b11155d82e648f9e206dab91aab44bd4
Size

2.6MB
MD5

39fb644929c57fb75aace407f429cb12
SHA1

f449e79493fcf15dc870466e2ea639d2cbcd8e14
SHA256

a54302b0bf056c65deb759122f71e757b11155d82e648f9e206dab91aab44bd4
SHA512

b32fbd9bc5a58a449199d11decbd1006571ccc849dfcc839477bc457f522fe9f2ca11f3d55ef31978ac0c5e0f811b6e339ecef4c64724b7cf4aedf8d524daade
SSDEEP

49152:K61vkm5V04xOerjOXpe6ZZ1S71F1Q6pn2OL4wC548J3Y5kU:K6Nkm5V04xOerjOXpe2Z1S71UgLq5JJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a54302b0bf056c65deb759122f71e757b11155d82e648f9e206dab91aab44bd4

Files

a54302b0bf056c65deb759122f71e757b11155d82e648f9e206dab91aab44bd4
.dll windows:6 windows x64 arch:x64

0c85cc919aa73be02e9d5d942c58302e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
FindFirstFileA
FindNextFileA
LockFile
UnlockFile
CloseHandle
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ExitProcess
CreateThread
GetCurrentThreadId
FreeLibrary
GetModuleFileNameA
GetModuleHandleExA
GetProcAddress
CreateFileMappingA
LoadLibraryA
CreateActCtxA
ReleaseActCtx
ActivateActCtx
DeactivateActCtx

Exports

Exports

pGUAYVFxbN

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ