Static task
static1
Behavioral task
behavioral1
Sample
b8b5d902c52ec857ea394049c8e5e59a.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b8b5d902c52ec857ea394049c8e5e59a.dll
Resource
win10v2004-20240226-en
General
Target: b8b5d902c52ec857ea394049c8e5e59a
Size: 131KB
MD5: b8b5d902c52ec857ea394049c8e5e59a
SHA1: 5cf29095d0139e283bc24295f501668284019a9b
SHA256: f00703efb32c025dda3bbee4fe8d53ae1fe8a97ea603410f3a12cede60cb4393
SHA512: b960177a21eb64f15c76fe1fdc33717b28b04929b9ef836912164d09f7a543a5193abc2e190afaaa90dfb2cba93a4665d6ce8807e9184d5b5f7a1af95ee9bdc8
SSDEEP: 3072:kCja/uCfOtxvu4qb/SilBYLJ1HumeqpYtw0mg:Jm0txvjSSiUFA3Hm
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b8b5d902c52ec857ea394049c8e5e59a
Files
b8b5d902c52ec857ea394049c8e5e59a.dll windows:4 windows x86 arch:x86
f3bc2b6c97a4b4bcc111e4fc6bdd37b5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
HeapAlloc
HeapCreate
IsBadReadPtr
RaiseException
ReadProcessMemory
CreateFileMappingA
msvcrt
_exit
free
malloc
realloc
wcscmp
_wcsicmp
user32
BeginPaint
GetMessageA
GetUpdateRgn
PeekMessageA
SendMessageTimeoutA
TrackPopupMenu
CheckMenuItem
DestroyWindow
SetCursor
oleaut32
RevokeActiveObject
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroy
SysReAllocString
RegisterTypeLi
shlwapi
PathCombineA
PathBuildRootA
PathAppendA
PathFileExistsA
SHDeleteValueA
SHQueryInfoKeyA
StrSpnA
StrStrA
StrToIntA
SHDeleteKeyA
Sections
.text Size: 65KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ