cf329d4d5d2dd9bbd427ea56e0fc28d31dce452d25fc6a38a76bcc9b73a3e0d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf329d4d5d2dd9bbd427ea56e0fc28d31dce452d25fc6a38a76bcc9b73a3e0d1
Size

7.6MB
MD5

aa02488bee04587ea52303d4da635bee
SHA1

bbc8f7a3586ae66320d94a5063d5b36ceff53796
SHA256

cf329d4d5d2dd9bbd427ea56e0fc28d31dce452d25fc6a38a76bcc9b73a3e0d1
SHA512

9e3e1142c3dd6bee52315fbf36ce5c9c43490b71d0e4a1efb9c35ac0ecf00e528fd61d6839736b0e8249e95f5a6d2a7f7ee40794eb95d01a593a21dc9d1f6963
SSDEEP

196608:VWbF4t/GKjDWIpmy8L1Nnad2UB8Ns4lmgDr:uFQWIvyS2UBUD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf329d4d5d2dd9bbd427ea56e0fc28d31dce452d25fc6a38a76bcc9b73a3e0d1

Files

cf329d4d5d2dd9bbd427ea56e0fc28d31dce452d25fc6a38a76bcc9b73a3e0d1
.dll windows:5 windows x86 arch:x86

f6f490608e1f459ec6b366fd6ec704b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExW

user32

IsWindow

advapi32

RegQueryValueExA

shlwapi

StrChrA

iphlpapi

GetAdaptersInfo

ws2_32

setsockopt

Exports

Exports

Fix_Info

Sections

.text
Size: - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.N'C
Size: - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.+lQ
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.7;v
Size: 7.6MB - Virtual size: 7.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ