c57bca69e69f5895a897efd65c340117 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c57bca69e69f5895a897efd65c340117
Size

126KB
MD5

c57bca69e69f5895a897efd65c340117
SHA1

19f37635ec20fd9826ade0a0c453e81ce0f7d37e
SHA256

07dd4846ff9e735a8e18389bf5f316e51a0de684a10eac22c3e39f2db92d0a65
SHA512

3e4665ffeedf23fbe45758c5c5201f68ad2711a46a5e5bf30e7d5549ccf329d6130280781de874bdaf104418e3c11092e85fd5a7cc1c3d3227a4eb16248ee148
SSDEEP

3072:UbGk+ov0BYi8McmTuHjEMvdspiJgnMG1jKMMiU1m9:MnLLXIu4cpiMG1jKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c57bca69e69f5895a897efd65c340117

Files

c57bca69e69f5895a897efd65c340117
.dll windows:4 windows x86 arch:x86

ccfbf68d3dbbf873122532bdd9d17cc8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

CloseServiceHandle
CreateServiceA
DeleteService
InitializeSecurityDescriptor
OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
AdjustTokenPrivileges

ole32

CoCreateGuid
CLSIDFromProgID
CoRegisterClassObject
CoTaskMemAlloc
CreateDataAdviseHolder
OleGetClipboard
OleSetClipboard
ProgIDFromCLSID
RegisterDragDrop
WriteClassStm
CoGetClassObject

kernel32

lstrcatA
UnmapViewOfFile
SetEndOfFile
LeaveCriticalSection
GetStartupInfoA
FlushFileBuffers

Exports

Exports

Gsx
Hid
Nvf
Pcw
Shi
Sws
Viz
Wqw
Ydo
Ylv

Sections

.text
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ