bdd87885846b18b650d063c69f756075 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bdd87885846b18b650d063c69f756075
Size

300KB
MD5

bdd87885846b18b650d063c69f756075
SHA1

212bc4b3d1eb5372fbd77d90e94c69e06131483f
SHA256

3682fa1d708af0563668bfcf39322f23ebc386e4bfbe5652523ab731a2a4b8bd
SHA512

3c413ae6519c29808fc2213e68eb2f53e1fed6736d2dac30105b2c9347567837134bc44fc6df1db9c0cbdcf520c97a4b4eec2f5f54f3a4daabd167dc5c9439ea
SSDEEP

6144:w0i8mDaJwUmaE7UUv+gpZIBii9de4272s9kcRFanHZ:w0i8YM+ZIMibedis9kma5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdd87885846b18b650d063c69f756075

Files

bdd87885846b18b650d063c69f756075
.dll windows:4 windows x86 arch:x86

c136443abce4363efe133e0d30e77aea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

EnableWindow
EnableScrollBar
DrawTextA
DrawStateA
DrawMenuBar
DrawIcon
DispatchMessageA
DestroyMenu
DestroyCaret
CreateMenu
CreateDesktopW
CopyImage
CharToOemBuffA
CharNextA
CharLowerA

kernel32

EnterCriticalSection
lstrlenA
lstrcpyA
lstrcatA
VirtualAlloc
UnmapViewOfFile
TlsGetValue
SetLastError
MapViewOfFile
LoadResource
GetTimeFormatA
GetSystemTimeAsFileTime
GetPrivateProfileStringA
ExitProcess
EnumResourceTypesA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
InitSecurityInterfaceW
LsaApCallPackage
LsaApCallPackagePassthrough
LsaApCallPackageUntrusted
LsaApInitializePackage
LsaApLogonTerminated
LsaApLogonUser
LsaApLogonUserEx
SpInitialize
c
f
o
s

Sections

.text
Size: 58KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 238KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ