7c969bd8079cec750a566a32b443e89bc98c87765164adabede30bffa84d876b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c969bd8079cec750a566a32b443e89bc98c87765164adabede30bffa84d876b
Size

69KB
MD5

16a128522a23e89dde39358ec065d4f2
SHA1

acfe32a07ef2b3cb5f06820c0bb25055d588c8af
SHA256

7c969bd8079cec750a566a32b443e89bc98c87765164adabede30bffa84d876b
SHA512

9b5f514710cfe04c709cee94900450060916b12b199e11e3d889a73f0094d5fa9b0c845655e534fa1f79703d1982a9acae3b1ff8077e7d4bb4951a0106c0fc8a
SSDEEP

1536:diMKZIWyCa+LSPzrva4e3sh6IxAV/1tFD0ECv3FH4:dioW0YaSO6IxA7DW/R4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c969bd8079cec750a566a32b443e89bc98c87765164adabede30bffa84d876b

Files

7c969bd8079cec750a566a32b443e89bc98c87765164adabede30bffa84d876b
.dll windows:4 windows x86 arch:x86

0f9be566db96375038b20e0f9bc1080b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesA
lstrlenW
GetFileAttributesW
GetVersion
GetProcAddress
GetModuleHandleA
DisableThreadLibraryCalls
FindResourceA
SizeofResource
LockResource
LoadResource

ole32

CoTaskMemFree
CoTaskMemAlloc

msvcrt

_chmod
_utime
_stat
memcmp
_purecall
memset
??3@YAXPAX@Z
free
_CxxThrowException
memcpy
wcslen
strlen
_mbschr
malloc
realloc
memmove
__CxxFrameHandler
wcsstr
_ftol
??2@YAPAXI@Z
abs
calloc
fclose
ftell
_errno
fopen
fseek
fread
fwrite
strrchr
rename
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
_strdup
_unlink

Exports

Exports

ttpGetSoundAddIn

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ