64057982a5874a9ccdb1b53fc15dd40f298eda2eb38324ac676329f5c81b64e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64057982a5874a9ccdb1b53fc15dd40f298eda2eb38324ac676329f5c81b64e0
Size

7KB
MD5

5107d2108da21e3572db8087060a53c0
SHA1

c0e9735b42f00ea0c45a5eb3c1b858a407fb3fcb
SHA256

64057982a5874a9ccdb1b53fc15dd40f298eda2eb38324ac676329f5c81b64e0
SHA512

3a344ec8c517d51b5852c59735862043917247c8e6c1d6fda5f481f6f1d520d93eb880137c1295ff05510120be96b831f78d5b791de107318a9d91ec7113b864
SSDEEP

96:Z1dx/RVhqaGzuxoZ0t5exbWvo2g/EpiMBTQDxz5LGXQFkZXK+R3yg4P9:hx5Vh1GWoZ0tfgWcdzlGX4kgQ74P9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64057982a5874a9ccdb1b53fc15dd40f298eda2eb38324ac676329f5c81b64e0

Files

64057982a5874a9ccdb1b53fc15dd40f298eda2eb38324ac676329f5c81b64e0
.dll windows:1 windows x86 arch:x86

ca6cd57fdab1ce1eb2bd9aca9fc9ac83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceFrequency
SwitchToThread
GetNextVDMCommand
GetPrivateProfileIntW
GetProcessHeaps
ReadFile
Sleep

gdi32

SetBitmapBits
FrameRgn
PtVisible

oleaut32

VarBstrFromBool
VarUI1FromR4

Exports

Exports

CPlApplet

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 65B

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ