aba9dddd81e3823201848d43304331d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aba9dddd81e3823201848d43304331d6
Size

84KB
MD5

aba9dddd81e3823201848d43304331d6
SHA1

9476a09b722402ff4ebdc760db22d9fd88263c64
SHA256

f4b19e3444422ec6657bfc476def74643b9da59d06400dd3a959800483273811
SHA512

1efeba1718115970e93baa4c3614f8862ea0e50454f052c077da6783e61a1ff0a96f1e64bc049441520d768d126c9030ea55db9ee101b674aa7d0bb42387686a
SSDEEP

1536:q8w9+DYVmmfqvItTpP/e3Fg2oIIZCeFZU+RwAG7W2:q39+DYcveQ3NoIIZtwAGK2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aba9dddd81e3823201848d43304331d6

Files

aba9dddd81e3823201848d43304331d6
.dll windows:4 windows x86 arch:x86

74e29d07b94ec5e706f6a7c7b126c241

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
FindResourceA
ClearCommBreak
CreatePipe
GetDiskFreeSpaceW
LoadResource
GetStringTypeExA
GetTimeFormatA
HeapSetInformation
GetAtomNameW
GlobalFree
DeleteTimerQueueTimer

shlwapi

wnsprintfA
PathAddBackslashA

Exports

Exports

CPlApplet

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 573B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ