efda3c618f8c3b7e259b451ef70587767c6ae0b532753b1d3ae4f614c5c18aaf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efda3c618f8c3b7e259b451ef70587767c6ae0b532753b1d3ae4f614c5c18aaf
Size

120KB
MD5

d0612719728ad424d7061ea5ce6d5e19
SHA1

fa8ec9cc58f0366fe9026e337e19447656ba47c7
SHA256

efda3c618f8c3b7e259b451ef70587767c6ae0b532753b1d3ae4f614c5c18aaf
SHA512

b484dab8199ceb02211842a113aedaa359c911f935f726a05667d2a0d2d38b886b71ec73336cf762d40fa3b84f509499b5654c128c6b9c420eb765d07bac6c25
SSDEEP

1536:n3rd8MrD9JKeo1jnM3s/iM8MlppWSb3qP6QZurcSt0kiHvdbOVAlSYQmJKokgRZT:359JKl7Mds/jOyQZCykmdbOsJJKhg7S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efda3c618f8c3b7e259b451ef70587767c6ae0b532753b1d3ae4f614c5c18aaf

Files

efda3c618f8c3b7e259b451ef70587767c6ae0b532753b1d3ae4f614c5c18aaf
.dll windows:4 windows x86 arch:x86

0f44bf2b3b0b8d5ecae5689ff1d0e90d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode

user32

wsprintfA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ