b7c0bbcbbead4441f9359fae0c8a51af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7c0bbcbbead4441f9359fae0c8a51af
Size

49KB
MD5

b7c0bbcbbead4441f9359fae0c8a51af
SHA1

191224598723e040e5f9140aaec7a7bf2ea0d890
SHA256

91fe495f65c30f9c78964ea2e84343e0b47e7bf79f36b52d461a9e3abab19ce4
SHA512

00af2d29cb83b36bcbe0def7d3caee1a245a9143c5c4d29fa2cc6342107d75cddc23be7cadd0ab4f346218507c394334f60fd872334495a14326320fd492140e
SSDEEP

768:wu4rgZhho1meImVnFQ/lapIJEj60HIzEcTL2sBQMdyI48ERsI4GYZoO5bn6Z0+L3:wXghkmeIsFS78cR0IU+IYelS+dZIM/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7c0bbcbbead4441f9359fae0c8a51af

Files

b7c0bbcbbead4441f9359fae0c8a51af
.dll windows:4 windows x86 arch:x86

576f8c8f90c8617410bcc039201226b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
LocalAlloc
LocalFree
GetLocaleInfoA
CreateFileW
CloseHandle
InterlockedCompareExchange
Sleep
InterlockedExchange
lstrcatW
lstrlenW
lstrcpynW

msvcrt

_onexit
_initterm
malloc
__dllonexit
memcpy
atoi
_XcptFilter
_adjust_fdiv
_except_handler3
__CxxFrameHandler
free

msvcp60

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ