c478535ea779abd8ff5962e37b6e7675 | Triage

Sharing

General

Target

c478535ea779abd8ff5962e37b6e7675
Size

120KB
MD5

c478535ea779abd8ff5962e37b6e7675
SHA1

1d4a86361bb54668ecc7183fb2287a73a26eefd4
SHA256

e01a56ab20e294d8bb596d9179a5d2cbbf64d82e18f3c4d6b6f150d402662849
SHA512

c99933d41c8fdecba4d7cea77e04ef462d0cc676183f491613bceb3b01dc3adf5b29344df00fbe1e41c923a6d1bd42961f0fb0d5aa731459669b4fb9e148b9b9
SSDEEP

1536:dOevrOMfnLtltKgqmir1cdhtN9H1QvW1Yb0DmHALB5Wc2GvqV:BvrPfnLtnKjm1XtNDDZmO5Wc2GvqV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c478535ea779abd8ff5962e37b6e7675

Files

c478535ea779abd8ff5962e37b6e7675
.dll windows:4 windows x86 arch:x86

a99cfe140a598d41293bb2555773a41c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAddAtomA
VirtualAllocEx
ExitProcess
GetPrivateProfileStringA
GetCommandLineW
GetCurrentProcess
GetProcessPriorityBoost
DefineDosDeviceA
FindFirstVolumeMountPointA
OpenFileMappingA
GlobalUnlock
DisconnectNamedPipe
GetStringTypeExW
GetPrivateProfileSectionNamesW

user32

TabbedTextOutA
EnumDesktopWindows
InvalidateRgn
LockSetForegroundWindow
DlgDirSelectComboBoxExA
ChildWindowFromPointEx
GetPropA
GetCaretBlinkTime
LockWindowUpdate
GetDCEx
EnumDisplaySettingsExA
GetMenuItemID

gdi32

GetRasterizerCaps

Sections

.text
Size: 108KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbbs
Size: - Virtual size: 392B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ