d06b514318143e81fcdfee35b19a50943019b508ebfb5edf27ce5ea19ae65e78 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d06b514318143e81fcdfee35b19a50943019b508ebfb5edf27ce5ea19ae65e78
Size

16KB
MD5

f62535b6029b1d52139ff467a6ec6db9
SHA1

6d47d58da0c5f921699d2c06ceba9ccacfd54790
SHA256

d06b514318143e81fcdfee35b19a50943019b508ebfb5edf27ce5ea19ae65e78
SHA512

8a38ab4907d3f202e195d948f6b89f0e8f5335e3431169c557f750559b8530075924d6f9866ac9366d30f5d7ef772f01a1d957e86a3b5ed79e6b8c0775d382c5
SSDEEP

192:R8CngollI+9j+xoMnmAmeVom1oEAfKqXVlUVgzvKbOZeZp9t+H:FfDCxA0oidTE4gzvKbOZl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d06b514318143e81fcdfee35b19a50943019b508ebfb5edf27ce5ea19ae65e78

Files

d06b514318143e81fcdfee35b19a50943019b508ebfb5edf27ce5ea19ae65e78
.dll windows:4 windows x86 arch:x86

8954e66f0efe9d9494f169d11924f9a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
GetTempPathA
CloseHandle
Sleep
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
WaitForSingleObject
CreateProcessA
CreateFileA
ExpandEnvironmentStringsA
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryA
WinExec

mfc42

ord540
ord800
ord5442
ord3318
ord665
ord825
ord6385
ord1979
ord5186
ord354
ord823
ord860
ord2818
ord535
ord858
ord537
ord940
ord6874
ord4204

msvcrt

printf
strrchr
_beginthreadex
rand
__CxxFrameHandler
_iob
sprintf
free
malloc
fclose
fwrite
fopen
srand
__dllonexit
_onexit
_initterm
_adjust_fdiv

ws2_32

WSAStartup

iphlpapi

GetAdaptersInfo

Exports

Exports

Start

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 678B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ