b55769a809e54d5c97782eaec74489c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b55769a809e54d5c97782eaec74489c8
Size

24KB
MD5

b55769a809e54d5c97782eaec74489c8
SHA1

cdc7405a58e47e78be7f1d49a31e627658979e2c
SHA256

d5901dfbddeb6c2c8db685762fb85770afa9a62b16b5b8d18969ec581fab0b65
SHA512

0df1852cd4d8939ec245039140f13416f30b53bdf354716d4e88310e8e6319139db392f5f15201c8abf72df5bcb46cd6da0b56e19f968a8e510c39252679d51e
SSDEEP

96:sKL4Q4afJZjlI+0XHAZmsgsQsnLLOr4PMyG4cOffTEUVoy4+AZYUu:H00J5lIOxdFG6TEUVoiACUu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b55769a809e54d5c97782eaec74489c8

Files

b55769a809e54d5c97782eaec74489c8
.dll windows:4 windows x86 arch:x86

df6bc4c51404a661727e52eb8a5f39ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
SetFileAttributesA
GetSystemDirectoryA
Sleep
IsBadStringPtrA
DisableThreadLibraryCalls
LoadLibraryA
InterlockedIncrement
FreeLibrary
GetModuleFileNameA
CloseHandle
CreateProcessA

user32

PostMessageA
FindWindowExA
DefWindowProcA
SetTimer
DispatchMessageA
wsprintfA
SetWindowsHookExA
TranslateMessage
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
CallNextHookEx

ole32

CoInitialize
CoUninitialize
CoCreateGuid

shlwapi

PathFileExistsA
SHGetValueA
SHSetValueA

urlmon

URLDownloadToFileA

msvcrt

time
_adjust_fdiv
malloc
_initterm
free
_except_handler3
strrchr
_stricmp
_beginthreadex
sprintf

Exports

Exports

Run
Rundll32

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.share
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 718B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ