a4acf0a4e531467585c49c47df8edda80bea771d08bfefca1e794974b5bc56b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4acf0a4e531467585c49c47df8edda80bea771d08bfefca1e794974b5bc56b9
Size

7KB
MD5

8cdadb922da29fb5fb98be522ed62ba1
SHA1

90d7e1a2516efc0dbb5218cf08c5fc342ea381f2
SHA256

a4acf0a4e531467585c49c47df8edda80bea771d08bfefca1e794974b5bc56b9
SHA512

7cf5fc8ff25808a034bbddc3e0cf5e20e2a92f3c659094851f45687bbe727ae6dc8d5d5e161a8fd1819ef29c2f3888c9cc47f20e2113e233c6fdd83616001a53
SSDEEP

96:DixZjmjtjd8jPjcZGR5TIDslERLx7NFXk/qXzXVK9Z11Trqg:unSR6bgYqMERLx7NNXZK9zRz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4acf0a4e531467585c49c47df8edda80bea771d08bfefca1e794974b5bc56b9

Files

a4acf0a4e531467585c49c47df8edda80bea771d08bfefca1e794974b5bc56b9
.dll windows:5 windows x86 arch:x86

33eb74cdd77dab1b168bbaa130115a9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
CreateFileW
GetProcAddress
LoadLibraryW

user32

PostMessageW

msvcrt

free
_initterm
malloc
_adjust_fdiv

Exports

Exports

rundll32

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ