be612443dac28c32acef947fe1e699239f2fbb37a12e8db44ff288db950f3c86 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be612443dac28c32acef947fe1e699239f2fbb37a12e8db44ff288db950f3c86
Size

120KB
MD5

93efe3caaea859a8ee9e2b3ab3b23ddd
SHA1

ad0c0118625e96011ca048ae871930f0fcb4faf8
SHA256

be612443dac28c32acef947fe1e699239f2fbb37a12e8db44ff288db950f3c86
SHA512

59f2b9588ac45a2a54903b5a9c23ebba5a2f410cbe0fa09e4d4b8dd8b2267397c68563972a876908c3cdc00aeb5b17755e4bf9276a25b35f6a3067c47b2df6fa
SSDEEP

3072:RivPR7jh8+RmfGPoL0VslxmmaTy9COIBEDF00:RERfhlsbaW9vIUFX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be612443dac28c32acef947fe1e699239f2fbb37a12e8db44ff288db950f3c86

Files

be612443dac28c32acef947fe1e699239f2fbb37a12e8db44ff288db950f3c86
.dll windows:4 windows x86 arch:x86

0f44bf2b3b0b8d5ecae5689ff1d0e90d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode

user32

wsprintfA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ