ad4e6d2f989f33ebf2e9fcceba66be74 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad4e6d2f989f33ebf2e9fcceba66be74
Size

562KB
MD5

ad4e6d2f989f33ebf2e9fcceba66be74
SHA1

5148fafd845a9ac490302018eb06194a4188a7d1
SHA256

50172bef07b77855ef9563188c2f555c599dcfd46d6242d1f52b191c44faf8ab
SHA512

bcd7aff7a93431dd118fc5354b65c15c9a1cdba22a269ff9d0984cb4128881ddcda1afbf6a763f095339dcb67b678b4c41b523e0c57e2a1a5865bf0cec78b1e0
SSDEEP

12288:1B1nYD6/OQ6ps5gH67d2hHtfz/ThieheXbiT:Fq6/OQF5ga7dobhpeLi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad4e6d2f989f33ebf2e9fcceba66be74

Files

ad4e6d2f989f33ebf2e9fcceba66be74
.dll windows:5 windows x86 arch:x86

ca1c7853b29bed02bab5cfa77f707413

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy
DeleteCriticalSection
TlsSetValue
lstrlenW
Sleep

user32

GetKeyboardType
WindowFromPoint

advapi32

RegQueryValueExA
RegSetValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex
GetErrorInfo

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

imm32

ImmSetCompositionWindow

Sections

.text
Size: 6KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 515KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE