c65812d94c321cf339be9ea2189c5d2a6b9f77f3191ac14b088461131327c6da | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c65812d94c321cf339be9ea2189c5d2a6b9f77f3191ac14b088461131327c6da
Size

179KB
MD5

9f8b28777913d595c810638ba1c468e4
SHA1

ffeec6a258e16492592708373c121e9cc0b97c49
SHA256

c65812d94c321cf339be9ea2189c5d2a6b9f77f3191ac14b088461131327c6da
SHA512

8978ab2b24b8f5fcf69ecf2bc879d8193de64c56cfb18edae077b3978cc1f0e729935966a3311b870dff72c80e4790831d25f57c1936d7894592e0129cfbcf55
SSDEEP

3072:EC5Wpfs98nVCWdKycHtld8VBt7NUalwXH9RqYzJabTYd3KIdj6+uFdi98pvO0hf3:ECOfQ8nVcycHrd8VBtBUa4HfRzJabT8m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c65812d94c321cf339be9ea2189c5d2a6b9f77f3191ac14b088461131327c6da

Files

c65812d94c321cf339be9ea2189c5d2a6b9f77f3191ac14b088461131327c6da
.dll windows:4 windows x86 arch:x86

28afa3e869e6149039d25c05abfd3e22

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

mfc42

ord825

msvcrt

rand

user32

GetDesktopWindow

advapi32

QueryServiceStatus

ws2_32

inet_addr

shlwapi

PathIsDirectoryA

ntdll

NtQueryInformationFile

psapi

GetModuleFileNameExA

ole32

CoInitializeSecurity

oleaut32

SafeArrayGetVartype

msvcp60

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

netapi32

Netbios

Exports

Exports

Compliance

Sections

.text
Size: 173KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pkls
Size: 512B - Virtual size: 520B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE