e2ba0567ac236a24bfd4df321ae7860e8fe2810dbd088e0e90d67167c1ccd4c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2ba0567ac236a24bfd4df321ae7860e8fe2810dbd088e0e90d67167c1ccd4c5
Size

497KB
MD5

7f3e44cca7dd1841d5d9db9a71b4f3cb
SHA1

871a743a69e66000e7588bb8858e9991ac8bd154
SHA256

e2ba0567ac236a24bfd4df321ae7860e8fe2810dbd088e0e90d67167c1ccd4c5
SHA512

d034989737111cadb57d8786802d7b0d9bca2d947a72a71996b3f2184303d25438fe4180c7131f88dda593d114170dbbc79a15fd6728fc68933e6c966b84e126
SSDEEP

6144:H9R8XkrFueSwOfnAqAitY5JGYMcETCQ1EvLaMGPl+8aubfHRJQwphRqD4:d7rTwGi0JGgETCQRP0DubPRawphok

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2ba0567ac236a24bfd4df321ae7860e8fe2810dbd088e0e90d67167c1ccd4c5

Files

e2ba0567ac236a24bfd4df321ae7860e8fe2810dbd088e0e90d67167c1ccd4c5
.dll windows:6 windows x86 arch:x86

60535399a01b995354b95d8392470467

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
Sleep

user32

SendMessageA
SetTimer
GetWindowTextA
GetClientRect
MessageBoxA
GetClassNameA

Exports

Exports

DllRegisterServer1

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 412KB - Virtual size: 411KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ