bd114a26d04eebc96657f3933d8516ba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd114a26d04eebc96657f3933d8516ba
Size

7KB
MD5

bd114a26d04eebc96657f3933d8516ba
SHA1

907181d51af89d1a63ce3fac1fcd179cac948a46
SHA256

84301a21b45627a9c8fcd182fcc2bf51a4a3995460334885cb707e7afe8519be
SHA512

a2c299fc24b90855420d607479da6dbfe43e9b7327682ba409d425cdc8467a5bdb91dd2140e95be984ce64fa43136d2d201e0b9ea71cd88dc1d678efdf401996
SSDEEP

24:eNGSXSlMlFj3ychDMhYxhP1dlqQhHcH+2LzKqrUKqr6TvqtGEKs+5R3zfBqv/rYS:awM3yphHQhHcHxzzrUzr6TCoRDo/p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd114a26d04eebc96657f3933d8516ba

Files

bd114a26d04eebc96657f3933d8516ba
.dll windows:4 windows x86 arch:x86

7b9fc80087a6b849f5385babac480874

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
lstrcpyA
LoadLibraryA
GetWindowsDirectoryA

user32

DispatchMessageA
TranslateMessage
GetMessageA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

msvcrt

malloc
strstr
_strupr

Exports

Exports

CreateProcessNotify
MyProc

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 594B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ