67796b52a20bd50e22c6993051b1df7952cce140a66a1c981e608a7af6c1c487 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67796b52a20bd50e22c6993051b1df7952cce140a66a1c981e608a7af6c1c487
Size

924KB
MD5

c13a6fa9ad3b272a13d7d9706781e74b
SHA1

efb20bfdca37416057b220ccdd4b07607d8ca4cd
SHA256

67796b52a20bd50e22c6993051b1df7952cce140a66a1c981e608a7af6c1c487
SHA512

f34c91a077d5ab99244f32807edb4190e775f7668f686c4b9613453924b3f33df27aa7653192aae06d738206e7de6b352af8a75be7441ca480eb8d7c001fd600
SSDEEP

24576:1UUrelDKKOc0heGVsFRNcSNjV61SXmYjo+5sojAFxbn8j:PLn70YsFR392Oobojcxbn8j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67796b52a20bd50e22c6993051b1df7952cce140a66a1c981e608a7af6c1c487

Files

67796b52a20bd50e22c6993051b1df7952cce140a66a1c981e608a7af6c1c487
.dll windows:5 windows x86 arch:x86

d9a999b49873c32b2f3e3406d6fe0f95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW

user32

GetParent

advapi32

RegCloseKey

oleaut32

VarUdateFromDate

crypt32

CryptQueryObject

msvcr120

_errno

comctl32

ImageList_ReplaceIcon

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoA

ole32

CoTaskMemFree

gdi32

GetObjectA

mfc120

ord3529

shell32

SHGetIconOverlayIndexA

ws2_32

select

Exports

Exports

?Export18@@YAHPBD000PAUHWND__@@HHPAH2PAD@Z
Export1
Export10
Export11
Export12
Export13
Export14
Export15
Export16
Export17
Export19
Export2
Export3
Export4
Export5
Export6
Export7
Export8
Export9

Sections

Size: - Virtual size: 272KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 414KB - Virtual size: 414KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 96KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE