b462e2db81cb856aa2a3e0a15a850bdc | Triage

Sharing

General

Target

b462e2db81cb856aa2a3e0a15a850bdc
Size

14KB
MD5

b462e2db81cb856aa2a3e0a15a850bdc
SHA1

02c760d8f3f9bc5914a664a14d935169c9a4f653
SHA256

ec518c68e3ec99fc9c45c7f54464f0486e3faaf39078b0bd9cfab04d8e500c14
SHA512

88295969543e25963acf49440653f9202c82e8c8ce1c582b7890cfb35472ac000142bdccc92120f92c5aaa10b367933a028bc740f71de187fff5ea36c47ae09e
SSDEEP

384:DoGwmrynHjyapFDlhuC6OlugdjeEgNmWjdL5:DvwXzIEYzp5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b462e2db81cb856aa2a3e0a15a850bdc

Files

b462e2db81cb856aa2a3e0a15a850bdc
.dll windows:4 windows x86 arch:x86

e014d3bdf29902c01eaa874c480c52b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateThread
EnterCriticalSection
GetModuleFileNameA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
Sleep
WaitForSingleObject
lstrlenA

Exports

Exports

CreateProcessNotify

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 419B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ