50c6771fbacc4cfbea1f162e7bc4a25bf885855e414af007ae86c2e52b66ddb5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

50c6771fbacc4cfbea1f162e7bc4a25bf885855e414af007ae86c2e52b66ddb5
Size

2.3MB
MD5

3666f0923fb80d1119fcf287ce839f75
SHA1

187d640010e0edc5775fa062ebe69138930fc970
SHA256

50c6771fbacc4cfbea1f162e7bc4a25bf885855e414af007ae86c2e52b66ddb5
SHA512

269728ea4a4c546ca66b05458028dc0ac1400126a1dc238d398eab436ed33a9cc42d9a15d3f6ac7aab4fad4edc0885fef7479273d049fca4d1405a1a60bcc2cd
SSDEEP

49152:irc//////9EqfhKtmevJKImA7iWGn2JjerEq98:irc//////9X5KkevJ9Kme

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50c6771fbacc4cfbea1f162e7bc4a25bf885855e414af007ae86c2e52b66ddb5

Files

50c6771fbacc4cfbea1f162e7bc4a25bf885855e414af007ae86c2e52b66ddb5
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ExecutePluginCommand
GetAppMinVersion
GetCustomCommands
GetData
GetEvents
GetLogEx
GetModuleDescription
GetModuleInfo
GetModuleType
GetPluginIntfVersion
MultiThreadSupport
ProcessData
ShowOptionsDialog
madTraceProcess

Sections

CODE
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 26KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 409B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 398KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ