996c54b3da2b6c1d7615729689a35c6da5b491fb76c37c4e896a16c8c7876466 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

996c54b3da2b6c1d7615729689a35c6da5b491fb76c37c4e896a16c8c7876466
Size

2.6MB
MD5

7e2cb26beae8e5b033e48a08e4b580d5
SHA1

c1043c4cf008841d6a7a1812bda0ca9dd41c3f7b
SHA256

996c54b3da2b6c1d7615729689a35c6da5b491fb76c37c4e896a16c8c7876466
SHA512

db5b8bad04170f5e1bb147a6c9783726ce607f74677e5c62f5e489647434bfe003c13a87cced7d316b06a5c2546f2d4960e6d40b8bfc89ca4e044667d6655e71
SSDEEP

49152:YwoemQ4TUSSK2vp/OdZhGms6Ng/taNUYoNe4JeguDewfn33eYC+lbwtdA9YJ2KZr:YverwSKgp/wZhGtX1aNU9Nxfuiwv33Rj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
996c54b3da2b6c1d7615729689a35c6da5b491fb76c37c4e896a16c8c7876466

Files

996c54b3da2b6c1d7615729689a35c6da5b491fb76c37c4e896a16c8c7876466
.dll windows:5 windows x86 arch:x86

4f7a1fe27b7c19b296e1edcc93916730

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

AbortSystemShutdownW

rpcrt4

I_RpcNegotiateTransferSyntax

winmm

midiOutShortMsg

opengl32

glMultMatrixf

winspool.drv

AddPortW

ole32

CoGetCallContext

kernel32

GetModuleHandleA
GetBinaryTypeA
GetModuleFileNameA
GetFileSize
WaitForSingleObjectEx
DeleteCriticalSection

Exports

Exports

IhzpheuldS

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ