b41370f9a90c4b4932d25f218b6376a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b41370f9a90c4b4932d25f218b6376a5
Size

19KB
MD5

b41370f9a90c4b4932d25f218b6376a5
SHA1

cb6e798a68c4a1316e65fbe3bd6b8cd4e3df0013
SHA256

05c608d5baecf719d1831a044860c2ee47e3b51a2afe8bc64edefa36f9a8d526
SHA512

9ce6948e385ad9583cf302b45aa1a9503fee978cbb8b611f12737529ba3ab4ce70542872efef5e5a07e37be3b94843bfe055bd24f484b5848413a992d50d9c7a
SSDEEP

384:6tpvLXjUMZApaWjRyv+ec99DbEa+lvKcyU3AN5axCNEMWVk:av7jUMZpWjsv+ec99/Ev6GANIcW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b41370f9a90c4b4932d25f218b6376a5

Files

b41370f9a90c4b4932d25f218b6376a5
.dll windows:4 windows x86 arch:x86

f6403cdac1208d8467275952b5641b26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

sprintf

Exports

Exports

input

Sections

.text
Size: 14KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE