09244641ae96677948a9d928d9d9652b34d2c8b92ddfc7cb84afab6bdd5435bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09244641ae96677948a9d928d9d9652b34d2c8b92ddfc7cb84afab6bdd5435bd
Size

199KB
MD5

db24935474f226f6d270688d577a11cb
SHA1

d923dc42dfe69698def49ad7715ba9cb1639d148
SHA256

09244641ae96677948a9d928d9d9652b34d2c8b92ddfc7cb84afab6bdd5435bd
SHA512

acd28bbd5a5a770028cf7d09e41d84faf7ca3f76c7ebcaf27a9a88fa35dfee10056be552540c4e1b9afead1288eefa023ba637ab666f1a6f6ec34a6b8454a305
SSDEEP

384:gD0c9lJsgmt7gqTPlXbmcxTVyRuyW8ULW:goc9lY7BRrmcxTiU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09244641ae96677948a9d928d9d9652b34d2c8b92ddfc7cb84afab6bdd5435bd

Files

09244641ae96677948a9d928d9d9652b34d2c8b92ddfc7cb84afab6bdd5435bd
.dll windows:5 windows x64 arch:x64

f5d32121ebc75a552f803c9d70e4d4e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetCommandLineW
lstrlenW
WriteFile
GetConsoleCP
lstrlenA
CreateFileW
GetVersion
GetLastError
lstrcatW
HeapAlloc
GetProcAddress
HeapQueryInformation
ExitProcess
LCMapStringW
GetModuleHandleW
lstrcmpiA
lstrcmpiW
InitializeSListHead

shell32

CommandLineToArgvW

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ