02f9d5e59dcda3c4ec6b1b40716eb1b599ca1be3c6b9e874297f1272d98bb47a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02f9d5e59dcda3c4ec6b1b40716eb1b599ca1be3c6b9e874297f1272d98bb47a
Size

2.5MB
MD5

f9b35d20d2366136aba60db9396ba8e4
SHA1

70c46ea20112828bb90bbf419dbed0522f7dffd9
SHA256

02f9d5e59dcda3c4ec6b1b40716eb1b599ca1be3c6b9e874297f1272d98bb47a
SHA512

d1f44e814648c51078202d3f7a73cab2a5ebe0aa769f95e334610038440b2d2ac1d460840ed44e60a1812c57300a8890149b162843f3a0b4207c9a800c1039ca
SSDEEP

49152:9jybmkFiXO5zFEY8M2nWgdfLd9Q/+aQPBpfd1XZeH6XcndzPhvmmTgPB:9SmvetFE84WgP9faQpfRi6Xclhv3gB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02f9d5e59dcda3c4ec6b1b40716eb1b599ca1be3c6b9e874297f1272d98bb47a

Files

02f9d5e59dcda3c4ec6b1b40716eb1b599ca1be3c6b9e874297f1272d98bb47a
.dll windows:5 windows x86 arch:x86

abdc9979663f1bc08a3297a782317045

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

InitializeAcl

version

VerQueryValueA

winmm

waveInGetDevCapsA

user32

IsCharLowerW
DeleteMenu
LoadAcceleratorsW

gdi32

FlattenPath
SetROP2
Chord
GetMetaFileA
SelectClipPath

kernel32

LoadLibraryExW
OutputDebugStringA
LoadLibraryExA
GetModuleFileNameA
GetBinaryTypeA
CancelIo
AssignProcessToJobObject
GetSystemTimeAsFileTime
LoadLibraryW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dJikU40
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XJv48hjo
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ