7c3a95c17901021921b74eee6edaadb00e8e6a5a70b196cbb38b06a3e20ce2b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c3a95c17901021921b74eee6edaadb00e8e6a5a70b196cbb38b06a3e20ce2b8
Size

24KB
MD5

fe13a78ee4d799d9479aee606a867c86
SHA1

a292a8a7a5bbfd47a8ee6a5cd9474724314177ca
SHA256

7c3a95c17901021921b74eee6edaadb00e8e6a5a70b196cbb38b06a3e20ce2b8
SHA512

7214cf8f2f2bb4874d3251781ffa96fb1f67af264b7a2f9dfb8e6c6efb650b2966bf6b523768ee7a437cb290c491aaaf753bad6484f05e2e24f25b5a2bf2a5f8
SSDEEP

192:CLWParg2BfshF3UhFKdM4yovcjvkG+HQkV+V:OpqaAdhacGEQkA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c3a95c17901021921b74eee6edaadb00e8e6a5a70b196cbb38b06a3e20ce2b8

Files

7c3a95c17901021921b74eee6edaadb00e8e6a5a70b196cbb38b06a3e20ce2b8
.dll windows:4 windows x86 arch:x86

aeda3e7a91198f48a243760b3316a457

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord825
ord800
ord535
ord823
ord860
ord540
ord2818
ord537
ord1168
ord1253
ord342
ord1182

msvcrt

__CxxFrameHandler
malloc
_mbscmp
free
_initterm
_adjust_fdiv

pylonc_v5_2

_PylonDeviceGetIntegerFeatureInt32@12
_PylonDeviceSetBooleanFeature@12
_PylonDeviceSetIntegerFeature@16
_PylonDeviceFeatureIsWritable@8
_PylonDeviceFeatureFromString@12
_PylonDeviceFeatureIsAvailable@8
_PylonDeviceOpen@8
_PylonCreateDeviceByIndex@8
_PylonGetDeviceInfo@8
_PylonTerminate@0
_PylonEnumerateDevices@4
_PylonInitialize@0
_PylonDestroyDevice@4
_PylonDeviceClose@4
_PylonDeviceGrabSingleFrame@28

Exports

Exports

Connect_BaslerCamera

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ