dea4a759533079177b4f63787d3cdb66 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dea4a759533079177b4f63787d3cdb66
Size

128KB
MD5

dea4a759533079177b4f63787d3cdb66
SHA1

58a3dbbfac7607762c8950ed76daf945bce6cf5c
SHA256

fd8f511349a0ebe58ab0356559648a9c3beb533c199d60435dd6514d015fc090
SHA512

cb9b10e09ba650cd2420bc96b0994a6b38decf59c505460b4a2c40d00ef0a9aef7c3b67dabe44bcba5fe2509af364979665e4dd1c27a56a6c3c1ef2e10b4544a
SSDEEP

3072:Eu527LdxrBDKQ8/VwIk5iAVqADLVxsbaxW:ox4wIk5FMADLfSaxW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dea4a759533079177b4f63787d3cdb66

Files

dea4a759533079177b4f63787d3cdb66
.dll windows:4 windows x86 arch:x86

eb5615dd15e310a814c1fb1ee26d7eb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetCommandLineA
GetModuleFileNameA
LeaveCriticalSection
LocalFree
EnterCriticalSection
CreateProcessA
WaitForSingleObject
UnmapViewOfFile
GetTickCount
SetLastError
GetProcAddress
LoadLibraryA
MapViewOfFile
Sleep

ole32

OleCreate
CoUninitialize
OleSetContainedObject
CoCreateGuid
CoInitialize

user32

GetSystemMetrics
GetClassNameA
GetMessageA
SetTimer
DefWindowProcA
FindWindowA
PostQuitMessage
SendMessageA
KillTimer
GetParent
GetWindowLongA
RegisterWindowMessageA

advapi32

RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

Exports

Exports

fxEventCmds

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ