0898e929927a0a7ac1c0738c4f3451954fb898f1d9c5f3014a802da5dcfed54f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0898e929927a0a7ac1c0738c4f3451954fb898f1d9c5f3014a802da5dcfed54f
Size

12.0MB
MD5

6df2f332a6ef9a9d11e3d64bab33c210
SHA1

fd2c033366f5f334f7ce1d6edd847e29413b225a
SHA256

0898e929927a0a7ac1c0738c4f3451954fb898f1d9c5f3014a802da5dcfed54f
SHA512

6dd79b9a3d02246f8e28f719a515e1cdd87f7a9d40b2ea4dd28fd44987e5687c9292275db0f2832ef1470c42e7b027ca02b5deeaaa4d0d7ee7d66beff8e92e51
SSDEEP

196608:BuHAmgtWnA97CK5m77EVZf3ziaI8OSL0+q+ES7iGvJ90HJ4EsN9jkLPf9rUPKbSQ:BuHBg4cebEz3j5Lhi6x29sHoPFs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0898e929927a0a7ac1c0738c4f3451954fb898f1d9c5f3014a802da5dcfed54f

Files

0898e929927a0a7ac1c0738c4f3451954fb898f1d9c5f3014a802da5dcfed54f
.dll windows:6 windows x86 arch:x86

a65d428969fb2953ed2c9dd8cfa9fb68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

getservbyport

crypt32

CertGetCertificateContextProperty

kernel32

GetTimeFormatW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetProcessWindowStation

advapi32

CryptEnumProvidersW

bcrypt

BCryptGenRandom

Sections

.text
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 589KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.v8h
Size: - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.*`K
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.-n|
Size: 12.0MB - Virtual size: 12.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ