bd9f851593674f57fe1498341892c161 | Triage

Sharing

General

Target

bd9f851593674f57fe1498341892c161
Size

180KB
MD5

bd9f851593674f57fe1498341892c161
SHA1

dd8b1bbf74da2f1c307802fa48f8787eafcb155d
SHA256

b4e39b49b83bc800bbe710a701b4d40dae2dd223f6e22ed1364ca9330ecc1adc
SHA512

b0534de8fed9ddb186a3f0683fe030e9756f00a1183611c5ef2872eb6d3b5ec8ded3bd9bd2d938d18ccad8d69c068e2210c8fc778eac24edc8b76a7ce927267b
SSDEEP

3072:U5NkQxj7nuhP6iNWRmpJqCYQwHnoP9srLUHq62XB9m9kOdOx6zG:jyj7nmimp0CEIVsrLUK62R0O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd9f851593674f57fe1498341892c161

Files

bd9f851593674f57fe1498341892c161
.dll windows:4 windows x86 arch:x86

fb6543e139045770665f5b9bee0139fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetTimeZoneInformation
GetTickCount
CreatePipe
SetFileTime
GetFileAttributesA
WriteFile
GetProcAddress
VirtualFree
GetModuleHandleA
TlsGetValue
GetLastError
TlsFree
EnumSystemCodePagesA
DeleteFileA
GetModuleFileNameA
TlsSetValue
TlsAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 470B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ