c618ec5834c9e467355f0a9d7b364e34a63c2b30ef15054cf22024c56ffd6fb5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c618ec5834c9e467355f0a9d7b364e34a63c2b30ef15054cf22024c56ffd6fb5
Size

42KB
MD5

163563b935b677ce23b4a8ed7c04b8f6
SHA1

461daf4fa01562329f37b94835dde10a9d726cbc
SHA256

c618ec5834c9e467355f0a9d7b364e34a63c2b30ef15054cf22024c56ffd6fb5
SHA512

eb8ffb23393e36456fcf1a342af0662d9a01597e69a96e3dc30315a3e0702fe715ef0948cc143b043bc22ed9d7f1ae0b21c57f3063212fb94d797e8d701a287d
SSDEEP

768:m+6yo2xjLq1x0NWtqdihTKCldkYwkdpnoyAXFU:N6y1tw0NWfKW3XoP2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c618ec5834c9e467355f0a9d7b364e34a63c2b30ef15054cf22024c56ffd6fb5

Files

c618ec5834c9e467355f0a9d7b364e34a63c2b30ef15054cf22024c56ffd6fb5
.dll windows:5 windows x86 arch:x86

8700d0ebbb41c81ea52718af1ab70a93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyW
MultiByteToWideChar
lstrlenA
lstrcmpiW
lstrlenW
ExitProcess
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
lstrcpynW
GetCommandLineW
Sleep
TerminateProcess
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
GetModuleHandleW
GetTickCount
GetStartupInfoW
CreatePipe
GetVersionExW
GlobalLock
DeleteFileW
lstrcatW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateFileW
CopyFileW
GetTempFileNameW
GlobalFree
GlobalAlloc
GetModuleFileNameW
GetProcAddress
PeekNamedPipe
GetCurrentProcess

user32

CharPrevW
CharNextW
SendMessageW
FindWindowExW
wsprintfW

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ