220ded22e1a3c7eddf1bbca1b1d9decf37824a2e0dcbc6ffa813897658793785 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

220ded22e1a3c7eddf1bbca1b1d9decf37824a2e0dcbc6ffa813897658793785
Size

2.5MB
MD5

ab664e1e8f9a42c8f9e7cb6e9f989981
SHA1

92be9ff09afcd02d874e2b5781a275a416294f13
SHA256

220ded22e1a3c7eddf1bbca1b1d9decf37824a2e0dcbc6ffa813897658793785
SHA512

8150af267a3b6bb63a32e368b8f6ab8e379f01aace4341a4a0de7d154ecb0d3d220ca839dc084ac8728378ad73f592cdf13eba0938d9a4e6602ac4febdfee9fe
SSDEEP

49152:0jybmkFiXO5zFEY8M2nWgdfLd9Q/+ahwrpfdSXZeH6XundzPhvmmTgPB:0SmvetFE84WgP9faipf0i6Xulhv3gB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
220ded22e1a3c7eddf1bbca1b1d9decf37824a2e0dcbc6ffa813897658793785

Files

220ded22e1a3c7eddf1bbca1b1d9decf37824a2e0dcbc6ffa813897658793785
.dll windows:5 windows x86 arch:x86

676ea3cf4187c3d2f468fff57df3acc8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

InitializeAcl

kernel32

LoadLibraryExW
OutputDebugStringA
LoadLibraryExA
GetModuleFileNameA
GetBinaryTypeA
CancelIo
AssignProcessToJobObject
GetSystemTimeAsFileTime
LoadLibraryW

winmm

waveInGetDevCapsA

version

VerQueryValueA

gdi32

FlattenPath
SetROP2
Chord
GetMetaFileA
SelectClipPath

user32

IsCharLowerW
DeleteMenu
LoadAcceleratorsW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dJikU40
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XJv48hjo
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ