b5415f25bc99920eb4cb6396d434aa20 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5415f25bc99920eb4cb6396d434aa20
Size

38KB
MD5

b5415f25bc99920eb4cb6396d434aa20
SHA1

e12a65456b6e6ff2ad8823ea6111bb2a58acb6f6
SHA256

2592bfcbb12304e4e94b0f936c86891dd3d18b8b6af40428b4b13cec3ca7b9c5
SHA512

f278cd885abbbe5e6bdcba33c05d7d9b9fc7a5d25bfc3c26dc587e5e2f37cfd5516a8853251434cda717bdb44fc7d1aba42093a15410213d8f2c83e4e615c048
SSDEEP

768:47uJQRPyxCdzRyaqHMoo+ecUmA7tF7NYesv6p9S/9EAKl8bF4hWzRe:47u+RPyCRyHMd+eR7tF7ZqFuuJDV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5415f25bc99920eb4cb6396d434aa20

Files

b5415f25bc99920eb4cb6396d434aa20
.dll windows:4 windows x86 arch:x86

8698cb65facbdc350710f3b875178872

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeBeginPeriod
timeEndPeriod
GetDriverModuleHandle

shlwapi

SHEnumKeyExA
SHEnumKeyExW
SHQueryValueExW
SHDeleteKeyA
SHDeleteKeyW
SHGetValueW
PathIsRootA

user32

ReleaseDC

advapi32

RegLoadKeyA

kernel32

HeapFree
GetProcessHeap
HeapAlloc
GetTickCount
GetCurrentDirectoryA
FlushViewOfFile
SetCurrentDirectoryA
lstrcmpW
CallNamedPipeA
CancelIo
GetFileType
GetWindowsDirectoryW
ReleaseMutex
Beep
CompareStringA
DeleteAtom
GetExitCodeThread
GetCurrentProcessId
GetStdHandle
IsValidLocale
GetComputerNameA
ResetEvent

msvcrt

rand
toupper

version

GetFileVersionInfoSizeA

ole32

OleRun

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ