b474c2235cb078cc98faeb6a5d4595a8f03c57377fe1a246ebb8483a0dec9713 | Triage

Sharing

General

Target

b474c2235cb078cc98faeb6a5d4595a8f03c57377fe1a246ebb8483a0dec9713
Size

35KB
MD5

c1209df94ca264f8a43c1084218ae0fc
SHA1

eefca1f536ff8411d08eda3a9b492fd8bfb0a24d
SHA256

b474c2235cb078cc98faeb6a5d4595a8f03c57377fe1a246ebb8483a0dec9713
SHA512

565390a2d8c6e247e7c5e34a115d612bc7a652926c22f01e8a1c1234876391f1aeed48524b0804c3cb3b7b29c781029f00715c1d6921678e483d764a7b9170fc
SSDEEP

768:NlG0kF7saK0v9s2LXza6rJpAFIFDGDJBLLC9arkuY8Vlh5:PGZ9zNzAFIFDWLjnJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b474c2235cb078cc98faeb6a5d4595a8f03c57377fe1a246ebb8483a0dec9713

Files

b474c2235cb078cc98faeb6a5d4595a8f03c57377fe1a246ebb8483a0dec9713
.dll windows:4 windows x86 arch:x86

ea0644400010e758841f0a7ad88ee775

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
UnmapViewOfFile
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
GetTickCount
CreateEventA
ReadFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetVersion
GetFileTime
GetLastError
SetFilePointer
ResetEvent
GetOverlappedResult
DeleteFileA
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls

user32

EndDialog
SetWindowTextA
SetDlgItemTextA
wsprintfA
SetWindowLongA
GetWindowLongA
DialogBoxParamA

msvcrt

_stricmp
_strdup
_adjust_fdiv
_initterm
_onexit
__dllonexit
free
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
realloc
malloc
_ftol
floor
_purecall
qsort
bsearch

Exports

Exports

ReaperPluginEntry

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ