fd407af35ed9a27aaa0b172c804da70573a305319be583213681f989a6677014 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd407af35ed9a27aaa0b172c804da70573a305319be583213681f989a6677014
Size

4KB
MD5

c0c8427a31bfef5b2e2739bc83f086ea
SHA1

46e2c2f6e311eba5a4f6a34f6bff3633e8755299
SHA256

fd407af35ed9a27aaa0b172c804da70573a305319be583213681f989a6677014
SHA512

44d00bf152be3747424e901d5eeacbf5176eba682e5755427b713c4533081be9d14935e6243954cef02403921d9e31962588f0e690bcba2d0858f7fe62bb3945
SSDEEP

48:SWkO0IoyTnXz+ihZjoks8cHak38D5BwXsvQPGk7qF+/lwS4yHL:ZJTnXzvoksv34Bw8vYGUqlKL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd407af35ed9a27aaa0b172c804da70573a305319be583213681f989a6677014

Files

fd407af35ed9a27aaa0b172c804da70573a305319be583213681f989a6677014
.dll windows:5 windows x86 arch:x86

e97a70102cce77bfe0dc571cb46a4352

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
VirtualAlloc
ReadFile

user32

MessageBoxA

shell32

ShellExecuteW

msvcrt

_adjust_fdiv
free
_initterm
malloc

Exports

Exports

crys

Sections

.text
Size: 1024B - Virtual size: 558B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 482B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ