ae7aecfb39ce9491c679ca42038c41c4e4819a6444e6ebf64f47020a14dd4512 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae7aecfb39ce9491c679ca42038c41c4e4819a6444e6ebf64f47020a14dd4512
Size

50KB
MD5

a8627bff8e9ce06be6237d11752a07fb
SHA1

dfec9ecbec572297a8c6dfc93b4500d49dc557c4
SHA256

ae7aecfb39ce9491c679ca42038c41c4e4819a6444e6ebf64f47020a14dd4512
SHA512

57604b3d4cafbc3a215d1b3f08c4423d7dd82c5002122e16861c0c618ce841f553a7cdd6f913730b6edd7f982918ace286d8984c6726d1d9a90c054ff591b4f7
SSDEEP

768:Q1etlFz8/OI2Jl/3nQ+koNbPKwzo4YvvXO49ZFNcZliWx/WeDAei:oeLFz8XOq+HVG4YvvJRNCiWHxi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae7aecfb39ce9491c679ca42038c41c4e4819a6444e6ebf64f47020a14dd4512

Files

ae7aecfb39ce9491c679ca42038c41c4e4819a6444e6ebf64f47020a14dd4512
.dll windows:1 windows x86 arch:x86

b49a0b804cd518a6219d0afae8b655c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comctl32

InitCommonControlsEx

kernel32

CloseHandle
CreateFileW
ExitProcess
FindClose
FlushFileBuffers
GetCommandLineW
GetFileSize
GetFileType
GetLastError
GetStringTypeA
GetVersionExA
GlobalAlloc
GlobalFree
MultiByteToWideChar
ReadFile
SetEndOfFile
SetErrorMode
SetFilePointer
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile

oleaut32

SysAllocStringByteLen
SysAllocStringLen
SysFreeString
VariantClear

user32

CharLowerBuffA
CharNextA
CharUpperBuffA

wsock32

closesocket
WSACleanup

\drake13\calclib\layout

LAYOUT

Exports

Exports

PER052
READF56

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rloc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ