42fe17a5b3a1e16f5645eda0c0ac114db6e1d4357e2dc904f7000a627611935f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42fe17a5b3a1e16f5645eda0c0ac114db6e1d4357e2dc904f7000a627611935f
Size

7KB
MD5

dc9ef1d918117bb015d1e22927a2b0bd
SHA1

87b338910e350a32ac03c2c4d818ef87d0af82fb
SHA256

42fe17a5b3a1e16f5645eda0c0ac114db6e1d4357e2dc904f7000a627611935f
SHA512

e85a8b8f1e9386680bcd468eb2cd725a63799a84bfad62bd584ed02b0bdce6da9efdbdcd5cf2cd9cc9f2777d163dbdddbe2e25ea0f3694964687eb43bc066b30
SSDEEP

96:VGEETrMLH5ddpprxhXbujFlgiTUB6xiZJ319RFWniYfMLKq:efML7pLXEQGUBfbUBMKq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42fe17a5b3a1e16f5645eda0c0ac114db6e1d4357e2dc904f7000a627611935f

Files

42fe17a5b3a1e16f5645eda0c0ac114db6e1d4357e2dc904f7000a627611935f
.dll windows:5 windows x86 arch:x86

a23064e36a7cee786955ca6fd65d4af8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryW
ReadFile
CreateFileW
GetProcAddress
VirtualAlloc
MoveFileExW

msvcrt

free
_initterm
malloc
_adjust_fdiv

Exports

Exports

rundll32

Sections

.text
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 517B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ