bb98a6f68daeb39754ad537ea35e3ed9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb98a6f68daeb39754ad537ea35e3ed9
Size

93KB
MD5

bb98a6f68daeb39754ad537ea35e3ed9
SHA1

86b9cb6184d62c501c946f0b58adde273a5c3cd4
SHA256

4ca5450dc46293c4e847a2456ded314319d6953e67b445cc96daf2c4b289e63e
SHA512

628ca500a597601fe172b914dc9c1e40538ca4c4f8e37bced0a6c422832a9e8e5e1a49c9136fb5bdaaba27e3ea502b08b1f7f20bca13a269241998158b3aede4
SSDEEP

1536:TcuIOf4BwE5XbqheIg5M4w8q2gtovKALH2fMQwdGw1B6dx/nnH8m9d:tf8pXuheIgsI4oC8HKcPEd5N9d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb98a6f68daeb39754ad537ea35e3ed9

Files

bb98a6f68daeb39754ad537ea35e3ed9
.dll windows:4 windows x86 arch:x86

e1625d8071406afdd29d60bedf6aaa09

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetDateFormatA
GetFileSize
OpenFile
lstrcmpiA
lstrcpynA
lstrlenA
ExitProcess

Sections

.sforce3
Size: 25KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brick
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ