10ae6c5b94391ded848797b0fe36efa2bc1220f63a0598eb04389b11ad0fe7bc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10ae6c5b94391ded848797b0fe36efa2bc1220f63a0598eb04389b11ad0fe7bc
Size

10.2MB
MD5

a86b17838aa98ef501364c0392b76ca2
SHA1

7c50672d2f9647f29de653e32e5065fdf7e5cb4a
SHA256

10ae6c5b94391ded848797b0fe36efa2bc1220f63a0598eb04389b11ad0fe7bc
SHA512

3db6b1dd3bd4ac5f574436d7b9d5e42d545dcecbbed414fa29d76101725d8612b7b99ff1d75e95d9fb174c4ba10912242f492824cf1478172b329850b0d37e99
SSDEEP

196608:kgX/bf4VTqt3au42FrufFKpZ1AJLYCB2HA8n3:kgXTPtPc1JMC0HA8n3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10ae6c5b94391ded848797b0fe36efa2bc1220f63a0598eb04389b11ad0fe7bc

Files

10ae6c5b94391ded848797b0fe36efa2bc1220f63a0598eb04389b11ad0fe7bc
.dll windows:6 windows x86 arch:x86

a111d6c3e49ee839e78416f62a2c6cb7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

GetShellWindow

ntdll

NtOpenProcess

ws2_32

htons

ole32

CoInitialize

Exports

Exports

ClosePrinter
DocumentPropertiesA
OpenPrinterA

Sections

.text
Size: - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5J&
Size: - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.-aH
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.D|;
Size: 10.2MB - Virtual size: 10.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ