5883326b2b3f873b680f7744e1a2086f6926d6ef30df987b14b2eb7b9f4a6bbb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5883326b2b3f873b680f7744e1a2086f6926d6ef30df987b14b2eb7b9f4a6bbb
Size

2.2MB
MD5

21d4aa8dae0d7d1ed46600bd79e72110
SHA1

5c150e843dfba238f7dd291655685191767ff683
SHA256

5883326b2b3f873b680f7744e1a2086f6926d6ef30df987b14b2eb7b9f4a6bbb
SHA512

d3279b4c56ae8f4d19e022a5b1cd74c584d6afb02a540fd8cd9d5161379447370097864f7d603041804aed5d30a430079837e163f94221e7bdbe7464a5899127
SSDEEP

49152:45rWFMICjkHciSs6Uf237s806yl30Pbm8+TtVK+n+1Qr4I1:cYlHciSs6UfE48Tyl30PVAr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5883326b2b3f873b680f7744e1a2086f6926d6ef30df987b14b2eb7b9f4a6bbb

Files

5883326b2b3f873b680f7744e1a2086f6926d6ef30df987b14b2eb7b9f4a6bbb
.dll windows:5 windows x86 arch:x86

56bc8c12a6375b87a8bef4d2c44e3e6d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mprapi

MprAdminMIBEntryGetFirst

kernel32

GetModuleHandleW
LoadLibraryExA
GetUserDefaultLangID
OutputDebugStringA

user32

GetSystemMenu
ReleaseCapture
SetClipboardViewer
TrackPopupMenu

advapi32

RemoveUsersFromEncryptedFile
CryptEnumProvidersW

oleaut32

SafeArrayCreateVector

gdi32

AbortDoc

Exports

Exports

VzhhoaeEnwsasio

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt
Size: 4KB - Virtual size: 75B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.data
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ