b4e83f9eece298cefa9d43cc3e68bcf2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4e83f9eece298cefa9d43cc3e68bcf2
Size

25KB
MD5

b4e83f9eece298cefa9d43cc3e68bcf2
SHA1

0ea1d0f7d3846b3deec233a5907a22945e01d3fe
SHA256

30efa6da52252506c43e488effddc7ef3300b24c0f5b77b5fb996eb0ce069045
SHA512

0b660060a9fc1951a519b3c08023a344774e475392b97d4d71592212b2f108523be6a0732f406afdcaa1dd1585364ea5c343f19f00e1f895fbd3049897406606
SSDEEP

768:SL6BpuT7Yknz0g/gKZ4a4a4o4a4a4a4J4J4WzWYaYaYSYaYkYwk17uIv9B4a4a4w:46BMT75X/R+XXRXXXuuWzr33/31wk1CU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4e83f9eece298cefa9d43cc3e68bcf2

Files

b4e83f9eece298cefa9d43cc3e68bcf2
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

AutorunThread
DeleteServiceByName
GetCurDoc
InitHook
RandomDw
SaveToFileH
XorByStr

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ