8cca5419bd9664563c6f5c3082770d6b1148f4b08a114c9fd6bccffd0445ee81 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8cca5419bd9664563c6f5c3082770d6b1148f4b08a114c9fd6bccffd0445ee81
Size

2.0MB
MD5

6a6df0acdaa5f7c71a4bce6438d1f831
SHA1

0b2b8d151ca57564bafb052d4bae89be2fdbf3c7
SHA256

8cca5419bd9664563c6f5c3082770d6b1148f4b08a114c9fd6bccffd0445ee81
SHA512

99e6928d11fffb6b9a617587563ac6dc33eac4b77d4c83c0570338b4e459d9e8c0b28c05261a3378c3102e059a0c2e73dc3ee132d79b4110c9f07d118551734f
SSDEEP

49152:itsI6EEmSIIRkqR2Ez0aEkOsVuYR5NcRre:K6PmSGqRpztE0M8sre

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cca5419bd9664563c6f5c3082770d6b1148f4b08a114c9fd6bccffd0445ee81

Files

8cca5419bd9664563c6f5c3082770d6b1148f4b08a114c9fd6bccffd0445ee81
.dll windows:5 windows x86 arch:x86

630f95bfff41d8feae4f157f5d9bbdae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mprapi

MprAdminConnectionEnum

user32

TrackPopupMenu
ReleaseCapture
GetWindowInfo

advapi32

DuplicateToken
RemoveUsersFromEncryptedFile

kernel32

GetModuleHandleW
LoadLibraryExA
OutputDebugStringA
GetUserDefaultLangID

oleaut32

SafeArrayCreateVector
GetRecordInfoFromGuids

gdi32

AbortDoc

Exports

Exports

VzhhoaeEnwsasio

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt
Size: 4KB - Virtual size: 163B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.data
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ