e4ebbc8dc10c757fe5d29da43e23293dcf3d115cd87bb98799a1fe4e074830c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e4ebbc8dc10c757fe5d29da43e23293dcf3d115cd87bb98799a1fe4e074830c2
Size

3KB
MD5

b9fcd80da7264549c7f3992a4d1eaf01
SHA1

b6effb9d5eaa5ab299a4b400e12511a6465ab029
SHA256

e4ebbc8dc10c757fe5d29da43e23293dcf3d115cd87bb98799a1fe4e074830c2
SHA512

48cff3fda468de9c9c68d4098900df409b9494c8b92bf523ccb2c742f5350d6d979a80911348b1cf3bc036fddc13d30a9310634206e5e04e28dd435fddb10bf3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e4ebbc8dc10c757fe5d29da43e23293dcf3d115cd87bb98799a1fe4e074830c2

Files

e4ebbc8dc10c757fe5d29da43e23293dcf3d115cd87bb98799a1fe4e074830c2
.dll windows:4 windows x86 arch:x86

b6f391375d741ab65301de3824d105be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateMutexA
CreateProcessA
GetLastError
GetModuleFileNameA
ReleaseMutex
lstrcpyA
lstrlenA

Sections

.text
Size: 1024B - Virtual size: 566B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 307B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ