b95345b56cbb06cb66368cbbe5335e205ef6c9f56fc3b31757f87391b23da56f | Triage

Sharing

General

Target

b95345b56cbb06cb66368cbbe5335e205ef6c9f56fc3b31757f87391b23da56f
Size

6KB
MD5

54e2c99c1f4a560b6c91f73506e2d45f
SHA1

91e34b599d6a526d4a3fafc50495e1eff648239e
SHA256

b95345b56cbb06cb66368cbbe5335e205ef6c9f56fc3b31757f87391b23da56f
SHA512

29e2b0b7bae70d9740a59acfbfdb8a7d8f8c237e559f5d347e238869d28d78baf2bff78d9e527689a8b9262b153fd426022206ff0dbfb2f29b4eba4de3acb6cd
SSDEEP

96:XU2H3UFvslXiAlxC9u9rg4syw2bq4iiOWCrHapRDTzJSq4/6ka:kuXiAnZuvSii9UHoRjJSf/6ka

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b95345b56cbb06cb66368cbbe5335e205ef6c9f56fc3b31757f87391b23da56f

Files

b95345b56cbb06cb66368cbbe5335e205ef6c9f56fc3b31757f87391b23da56f
.dll windows:5 windows x86 arch:x86

54e9717474a19482d07e3ff5fe4b5fcb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadWritePtr
VirtualProtect
GetModuleHandleW
lstrcmpiA
VirtualQuery
DisableThreadLibraryCalls
WriteFile
lstrcpynW
GetModuleFileNameW
WaitForMultipleObjects
CreateFileW
MultiByteToWideChar
SetEvent
CloseHandle
ResetEvent
GetCurrentProcessId
lstrcmpiW
GenerateConsoleCtrlEvent
lstrlenW
OpenEventW
OpenFileMappingW
UnmapViewOfFile
OpenProcess
MapViewOfFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ