dda64fded39fbc7b2a16843fa13b7d8dd6b307bc3c80f7a383705f1ddadd9a0c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dda64fded39fbc7b2a16843fa13b7d8dd6b307bc3c80f7a383705f1ddadd9a0c
Size

1.9MB
MD5

b6342fe1dde6a11186a9f872fb06d998
SHA1

9c46bbce1a0753f002977c16e95c7ad030023739
SHA256

dda64fded39fbc7b2a16843fa13b7d8dd6b307bc3c80f7a383705f1ddadd9a0c
SHA512

5beffb94535dcbf131d2dd84bb905ff8d9fe3a7a66d0eb5cfd5a1a484422d1608dd66ecd996da40c8553a4eaa5598d67f0a9e4c5585e60e7c8e725bacec5e41b
SSDEEP

24576:MwDABm3nKfG/r7Kll8taGdCp5bJhRJvx38J4:MqABm3KG/Kll8taAi38K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dda64fded39fbc7b2a16843fa13b7d8dd6b307bc3c80f7a383705f1ddadd9a0c

Files

dda64fded39fbc7b2a16843fa13b7d8dd6b307bc3c80f7a383705f1ddadd9a0c
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ