5b2178c7a0fd69ab00cef041f446e04098bbb397946eda3f6755f9d94d53c221 | Triage

Resubmissions

14/05/2024, 05:39

240514-gcdttace8y 3

14/05/2024, 04:59

240514-fmx5rsbf6y 3

Sharing

Copy URL Twitter E-mail

General

Target

5b2178c7a0fd69ab00cef041f446e04098bbb397946eda3f6755f9d94d53c221
Size

16.1MB
MD5

d513a09a10122ba8cd6df651aae35fb0
SHA1

79054b409cb1c7a36aafd9a9915f948e2f018734
SHA256

5b2178c7a0fd69ab00cef041f446e04098bbb397946eda3f6755f9d94d53c221
SHA512

3d69309c24ac3d12c79c750d584bb6f1ec805090ad2ddf60c6b1bdfa3c9a35d5563f991a992cc5f293bc27b23dd62708310c8f6b1cde7eec2abd22a44f83862e
SSDEEP

393216:xU1hrEqx51pI6/vVrQXtdnEcX6zeRLj1Wc2yKFEWtlfoM2ySyTR1PsUcUjell+:HMV99sA6T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b2178c7a0fd69ab00cef041f446e04098bbb397946eda3f6755f9d94d53c221

Files

5b2178c7a0fd69ab00cef041f446e04098bbb397946eda3f6755f9d94d53c221
.dll windows:6 windows x86 arch:x86

b0ec91d5b3d7a405d2401f47e969cf08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
CloseHandle
CreateActCtxA
ActivateActCtx
DeactivateActCtx
CreateThread
GetModuleFileNameA
GetModuleHandleA
GetTempPathA
WaitForSingleObject
ReleaseActCtx
GetCurrentThread
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
VirtualAlloc
DuplicateHandle

Exports

Exports

HZsb643Xi
start

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11.0MB - Virtual size: 11.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ