050aae6b09385c3d7f31e2eaa378ff9d236e786a44db294bd39423d725232136 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

050aae6b09385c3d7f31e2eaa378ff9d236e786a44db294bd39423d725232136
Size

4KB
MD5

83f4876be3c5ab779e36cc1e2849f780
SHA1

882bfd11b7b269ae34036b876ce5fd329ba5d499
SHA256

050aae6b09385c3d7f31e2eaa378ff9d236e786a44db294bd39423d725232136
SHA512

0f5ce563d5d6058c22dbe612566d0eed7d0413a09497721de544ee8f3c387500790cb415917fb3983c6bca4831d0d3762ac0f48b37db00270e4a7450079f8390
SSDEEP

24:eNGS7EiUT73Ce2v/kPVCRVtc44MxFOKMtc8v874IVHLeXHc2KpLxpTwVsDNZjxdo:a7Q2voyT+Bt5a94cDTTLjxduR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
050aae6b09385c3d7f31e2eaa378ff9d236e786a44db294bd39423d725232136

Files

050aae6b09385c3d7f31e2eaa378ff9d236e786a44db294bd39423d725232136
.dll windows:5 windows x86 arch:x86

b1739664e08d6f9c7ad5fbd4058e1368

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
VirtualAlloc
SetEnvironmentVariableA
ReadFile

shell32

ShellExecuteA
ShellExecuteW

msvcrt

free
_initterm
malloc
_adjust_fdiv

Exports

Exports

krnl

Sections

.text
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 497B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ