13daca24a0e96ab7b145079f3393d1e952d12435f05917225a36eaeca485e5a6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13daca24a0e96ab7b145079f3393d1e952d12435f05917225a36eaeca485e5a6
Size

2.5MB
MD5

9e4130500644a0bfd22dad9113679451
SHA1

84046dab1b47dfc95a71d25edff3936761cb2694
SHA256

13daca24a0e96ab7b145079f3393d1e952d12435f05917225a36eaeca485e5a6
SHA512

792362e1be856e707a8ca843a4aef2ea57e4550d1942ede0ee1d7bffd9e30310778f1c72d889d83f90305980d9d1ea8fd1f42bea2fb6cad41615d077ab474cb3
SSDEEP

49152:y+k9qg1wn44rBh0yguZJ3/bFKRZHdN4jQtqyWoFyZr4CnTLXmL8:V5guhrXyunM74jQtIt7TSL8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13daca24a0e96ab7b145079f3393d1e952d12435f05917225a36eaeca485e5a6

Files

13daca24a0e96ab7b145079f3393d1e952d12435f05917225a36eaeca485e5a6
.dll windows:5 windows x86 arch:x86

e95721d9c1a24186401e04d73dae0029

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DeleteMenu
IsCharLowerW
LoadAcceleratorsW

gdi32

Chord
SelectClipPath
GetMetaFileA
FlattenPath
SetROP2

version

VerQueryValueA

kernel32

AssignProcessToJobObject
CancelIo
LoadLibraryExA
GetSystemTimeAsFileTime
OutputDebugStringA
LoadLibraryW
GetModuleFileNameA
GetBinaryTypeA
LoadLibraryExW

winmm

waveInGetDevCapsA

advapi32

InitializeAcl

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dJikU40
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XJv48hjo
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ