d81b5777a0f0044168be6dfa83e2968264058b211693c42e3db809a79ec59a3d | Triage

Sharing

General

Target

d81b5777a0f0044168be6dfa83e2968264058b211693c42e3db809a79ec59a3d
Size

64KB
MD5

8d73e58cad67aa464996a09779acf6df
SHA1

5dd711e9f82983636230a422e375b842656e6243
SHA256

d81b5777a0f0044168be6dfa83e2968264058b211693c42e3db809a79ec59a3d
SHA512

ba0da11139d90bbdbca5e8099a49b688aa845ceeebf62c33b23811b518827b6456045813d786f6bfdcd639b5dc52da74298d38b6cdacff918d32cd46feed97c5
SSDEEP

768:6wKTGdJHYBIgxkwe2Flbxl+FY7m1U0RLakZUm+7pCN+cnRyeGVD:6wKTGL4BIgxkwe2Tbv9m1U9EUF7+Ry

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d81b5777a0f0044168be6dfa83e2968264058b211693c42e3db809a79ec59a3d

Files

d81b5777a0f0044168be6dfa83e2968264058b211693c42e3db809a79ec59a3d
.dll windows:1 windows x86 arch:x86

f3372812a208e7f1472891f5fdb1c5c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileW
DeleteFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTempPathW
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpyW
lstrlenA
lstrlenW

user32

EnableWindow
FindWindowA
GetWindowLongA
MessageBoxW
SendMessageA
SendMessageW
wsprintfA
wsprintfW

comdlg32

GetOpenFileNameW

ntdll

memcpy
memset

ole32

CoUninitialize
CoInitialize
CoInitializeSecurity
CoCreateInstance
CLSIDFromProgID

oleaut32

SysAllocString
SysFreeString

shlwapi

PathFindExtensionW
PathStripPathW

Sections

.code
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ