32596bd72b309c83a010127259378bca3bff0c0ccdab40dd8f8cab043e352693 | Triage

Sharing

General

Target

32596bd72b309c83a010127259378bca3bff0c0ccdab40dd8f8cab043e352693
Size

406KB
MD5

0c5b51dbbb3cb44af72a4bf8b33948bd
SHA1

ebe4b2f9c7ad320bc6a5dd79d355f0d3625f128d
SHA256

32596bd72b309c83a010127259378bca3bff0c0ccdab40dd8f8cab043e352693
SHA512

f90c67173a46ee8ddbe7eac4b96a0d7ba300e9c8127a2798ce65f4de1a385e0308f7310c9996435524c2790dadcf4942152058ac5aa1832dd9a2367d2f44b866
SSDEEP

12288:VK75OOKUuV0WzULTcl9vuTU2kHe6h3oI7ScBZ4:VKBk0I6Q4U2kbx+EZ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32596bd72b309c83a010127259378bca3bff0c0ccdab40dd8f8cab043e352693

Files

32596bd72b309c83a010127259378bca3bff0c0ccdab40dd8f8cab043e352693
.dll windows:4 windows x86 arch:x86

3887f4ec198a4daafbdb5b19ad68b162

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DuplicateHandle
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetCommandLineA
OpenProcess
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
DeleteCriticalSection
CreateThread
VirtualProtect
GetModuleFileNameA
Sleep

psapi

GetProcessImageFileNameA

user32

DispatchMessageA
wsprintfA
GetWindowThreadProcessId
IsWindow
GetDesktopWindow
MessageBoxA
GetMessageA
PeekMessageA
TranslateMessage

msvcrt

atoi
_ftol
floor
_CIfmod
strrchr
strchr
free
strstr
malloc

Exports

Exports

Hello

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vlizer
Size: 378KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE