c13781dbb7508fc7f3c2723849ef1a7a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c13781dbb7508fc7f3c2723849ef1a7a
Size

20KB
MD5

c13781dbb7508fc7f3c2723849ef1a7a
SHA1

25af42eda49dd851263b0df275e7215ce1175e21
SHA256

ea7d2c61ed772d4e6d02d65802f8dd98361a18a1fc747cffc6afd7dab5a923b0
SHA512

1dbef8a6f6e383a7b4d64ca299c6163318d4d0ac1628ee95ce094e45c8369a64a5b5a3b6e79cc250bffeb8404b838bf4f2e642dc053b8009480cb4e8bc60dbb7
SSDEEP

384:MqVNVOUmcMwv8K8yUce5RNm584gfrkKi0+Uh6yeBk:M2V0cM0Ofv5Tm58QzdUky

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c13781dbb7508fc7f3c2723849ef1a7a

Files

c13781dbb7508fc7f3c2723849ef1a7a
.dll windows:4 windows x86 arch:x86

6f8e77940284bde3f31b3832dc439c36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_strlwr

Exports

Exports

input

Sections

.text
Size: 16KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE