1eb0b48ca74c119b53d372de7d639f0bcb1337fb526347fb3b22f62214280e1d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1eb0b48ca74c119b53d372de7d639f0bcb1337fb526347fb3b22f62214280e1d
Size

158KB
MD5

fd618940c30715bc3a539f9c9592baf9
SHA1

8ff1b7306d00e6d04bcbff68c57acf4895d0518b
SHA256

1eb0b48ca74c119b53d372de7d639f0bcb1337fb526347fb3b22f62214280e1d
SHA512

caa6505e9bb5ae38589d2f2ad2ae8f2cc5e9381d883c5a16663f2bcfbf54826d682f6c12f6c89100d2f8059965b3f90dc9d4cc2d2f41fceed64b46127cf59f29
SSDEEP

3072:W/LecLDzqMDMXSBTWD85cb0E/fsO+L0ukZsqSkq2jSU:W/pDzqMGSBTWD85cb0AHya4kq2O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1eb0b48ca74c119b53d372de7d639f0bcb1337fb526347fb3b22f62214280e1d

Files

1eb0b48ca74c119b53d372de7d639f0bcb1337fb526347fb3b22f62214280e1d
.dll windows:5 windows x86 arch:x86

930a126bcc0dea72d6f98c236559a065

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetTextMetricsW
SetTextColor
SetDCBrushColor
SelectPalette
SelectObject
CreateFontW
GetTextColor
GetTextCharset
GetPixel
GetDeviceCaps

user32

LoadMenuW
CreateWindowExW
DialogBoxParamW
EndDialog
GetDlgItem
GetDlgItemTextW
GetKeyNameTextW
GetMessageW
IsDlgButtonChecked
LoadImageW

kernel32

GetDateFormatW
SetLastError
LoadLibraryExA
GetModuleHandleA
GetLocaleInfoW
FormatMessageW
GetCommandLineW
GetCommandLineA
GetAtomNameW

Exports

Exports

del
gdel
gdll
gmod
pmod
sdll
wdll

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ