efb15fa9dc4bc87d8b023c5301f3953bc2cf600aab8e32066dc876bcfb0ebc5e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efb15fa9dc4bc87d8b023c5301f3953bc2cf600aab8e32066dc876bcfb0ebc5e
Size

78KB
MD5

d2fc8dcc1cddc0849d910713b5eb390e
SHA1

460e432ca9bb29babf9c202777e47720f599af77
SHA256

efb15fa9dc4bc87d8b023c5301f3953bc2cf600aab8e32066dc876bcfb0ebc5e
SHA512

0515df1fda75d2b6b04838417df545367d84da24036c17925e5c7b48bf7b74fb3805e7e13c4e072323a5a6f274f222c653dad06ba9c121a2c075521e1a402fdb
SSDEEP

1536:UmkgRjKOPM82q2qstg4QeV/EVWUXLNjUYphlN:UmV3Pz2fgneV8tXp9jz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efb15fa9dc4bc87d8b023c5301f3953bc2cf600aab8e32066dc876bcfb0ebc5e

Files

efb15fa9dc4bc87d8b023c5301f3953bc2cf600aab8e32066dc876bcfb0ebc5e
.dll windows:5 windows x86 arch:x86

3b5ba0c1a026aa9aca8bc16267d62ad0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FreeLibrary
GetTickCount
GetProcAddress
VirtualProtect
IsBadReadPtr
lstrcmpiA
LoadLibraryA
VirtualAlloc
GetModuleHandleA
CreateThread

user32

LoadIconA
SendMessageA
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassExA
LoadCursorA
DefWindowProcA
SetTimer
KillTimer

Exports

Exports

sfgsdfsdfs
sfsdfsfsdf
start

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 687B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ