1842ddc55b4bf9c71606451d404a21f7f3da8e54c56318010c80ba4f571bd8f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1842ddc55b4bf9c71606451d404a21f7f3da8e54c56318010c80ba4f571bd8f5
Size

11KB
MD5

fb6da2aa2aca0ce2e0af22b2c3ba2668
SHA1

55b89bad1765bbf97158070fd5cbf9ea7d449e2a
SHA256

1842ddc55b4bf9c71606451d404a21f7f3da8e54c56318010c80ba4f571bd8f5
SHA512

f96a3add565c189121dcdbb84cbe07f1053ccdedfa29806dbb4fb79cb75c316f4a2a392e8f4c3a824a518d25a0372e40153c29e810b551a30004ef66128fd1da
SSDEEP

96:Z5fcwA4Wxn2CrX8CrcTEs6pDBTXpjheO4GmmzMA/6EjcXFQPHhejJgmxclr6PH1g:P84I2CICIb1Xu2X2fheFx4e5v9Flzu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1842ddc55b4bf9c71606451d404a21f7f3da8e54c56318010c80ba4f571bd8f5

Files

1842ddc55b4bf9c71606451d404a21f7f3da8e54c56318010c80ba4f571bd8f5
.dll windows:1 windows x86 arch:x86

d25153ff3e3b2cc8da1535975bc79e4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
VirtualAlloc

Exports

Exports

AserSec
ClearMyTracksByProcess

Sections

AUTO
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

AUTO
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ