5885d87212f2a754db13d9076cc98a4ab9e90f6012b6b35050f6ab2447b4c584 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5885d87212f2a754db13d9076cc98a4ab9e90f6012b6b35050f6ab2447b4c584
Size

23KB
MD5

d57356d4944d345457a558a4d405310a
SHA1

c245eba05dfa0faab4abf684b4b5ddf411cb2074
SHA256

5885d87212f2a754db13d9076cc98a4ab9e90f6012b6b35050f6ab2447b4c584
SHA512

d03332de12c9052d910ece3995b68f58b1ee7832218c1103f5094c7bd752d13de4f0f475c3dde172820620ec322f66dcb265f931dd76e3e29de6d5e86f2f9802
SSDEEP

384:rUCoRtoilXz9KAp/pMbW+wB3wMY4/RYNMEBMdrq6zLpd6ex+:ACoroODYAp/yW+hen36J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5885d87212f2a754db13d9076cc98a4ab9e90f6012b6b35050f6ab2447b4c584

Files

5885d87212f2a754db13d9076cc98a4ab9e90f6012b6b35050f6ab2447b4c584
.dll windows:4 windows x86 arch:x86

2510e8456e7cf8cfd5e8ca357299026b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr80

_lock
__dllonexit
_except_handler4_common
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_onexit
_encode_pointer

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

GetLocString

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ