3a76a784941539c569b1d176fd449d07f000a410d6f52b1f44ff7d17e8a2c155 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a76a784941539c569b1d176fd449d07f000a410d6f52b1f44ff7d17e8a2c155
Size

120KB
MD5

edc88da60d93b82a9aeefe5016a9d40b
SHA1

3aa73b4c59f31f22f3e56a8f78ccb4320e818594
SHA256

3a76a784941539c569b1d176fd449d07f000a410d6f52b1f44ff7d17e8a2c155
SHA512

1b7128c23c5fae9f52dbac7dc65f10e85845c8a3790c53b625420cc3815912728b7bd51edab242793df488c11b05d7d89f57c27b6e59ee90953f745b07ab7ae3
SSDEEP

1536:mF27CENCRVUK3OsT88LANAtJKIldynB6x3OHhcOH/Bn6daxI18VU4dIAv:/LNC3bBT0AtYIlkB83O168e18VHIu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a76a784941539c569b1d176fd449d07f000a410d6f52b1f44ff7d17e8a2c155

Files

3a76a784941539c569b1d176fd449d07f000a410d6f52b1f44ff7d17e8a2c155
.dll windows:4 windows x86 arch:x86

0f44bf2b3b0b8d5ecae5689ff1d0e90d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode

user32

wsprintfA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ