ec466d60506f00061f4d836aeca5f9a8bd78a3b66811cbbd50a2ea70d1cab2a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec466d60506f00061f4d836aeca5f9a8bd78a3b66811cbbd50a2ea70d1cab2a5
Size

120KB
MD5

979c6687c331ed0e99155d1d0406667f
SHA1

685a06a051e25b10e6dadecec0511f3b8bf9a657
SHA256

ec466d60506f00061f4d836aeca5f9a8bd78a3b66811cbbd50a2ea70d1cab2a5
SHA512

ad720140f62258fa9e3409b4481b14750569dd30e333793791cc154fd0c6c6a8e0660127489dd22a60410cc7ead6a30940ff1d1bc950f1a83d2382d5b18b4779
SSDEEP

1536:eY7zKhfKugAdZ7oRd2dJeaQxsnS5IO27eJtpqgKItBGyEZN0vbELyG3G/1R1nBB:eY7YfLjdtbJ7QeSx20tBu2Kzi1dB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec466d60506f00061f4d836aeca5f9a8bd78a3b66811cbbd50a2ea70d1cab2a5

Files

ec466d60506f00061f4d836aeca5f9a8bd78a3b66811cbbd50a2ea70d1cab2a5
.dll windows:4 windows x86 arch:x86

0f44bf2b3b0b8d5ecae5689ff1d0e90d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode

user32

wsprintfA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ