21b4b0b4c8ebb927749e518dd9c7f3cebe659f3a94c23a7bab9eaa2ce5cb7573 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21b4b0b4c8ebb927749e518dd9c7f3cebe659f3a94c23a7bab9eaa2ce5cb7573
Size

1.2MB
MD5

2c1fe58a53609c3505bfffa79fd0f40c
SHA1

ba91bdb97013a88c60a126c31aa341374874a012
SHA256

21b4b0b4c8ebb927749e518dd9c7f3cebe659f3a94c23a7bab9eaa2ce5cb7573
SHA512

64e144d535d4691ce859671dde419631244f277ffb0fa7befcac74f180319fd99c78f3affd6128f985fc2b17f2c4871e84544ea05e51cb98bc4e4f30718e5b69
SSDEEP

12288:YMW8RluevnD4AA+iyUFvsqD6A9EWAgkYO8SKyS1O7P+LMz3038Wqnu1DCmO/K/a6:e8zuevD4t+WAlkwS/53z+uJxKDTmka

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21b4b0b4c8ebb927749e518dd9c7f3cebe659f3a94c23a7bab9eaa2ce5cb7573

Files

21b4b0b4c8ebb927749e518dd9c7f3cebe659f3a94c23a7bab9eaa2ce5cb7573
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

AVInit
About
OrderDlg
RInit
UserRegDlg
_Decrypt
_DecryptOneFile
_Encrypt
_GetDecryptedFileName

Sections

CODE
Size: 717KB - Virtual size: 717KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 9KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 238B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 419KB - Virtual size: 419KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ