Static task
static1
Behavioral task
behavioral1
Sample
9b557bc81f0edefc594337a621bf803446df892a2de1ac0dff36d83b392b74e4N.dll
Resource
win7-20240903-en
General
Target
9b557bc81f0edefc594337a621bf803446df892a2de1ac0dff36d83b392b74e4N
Size
208KB
MD5
7b9b5484b8906234c1a4641455f3c250
SHA1
80e396ced1c8834341d5ed7457e9e7e686c09e5b
SHA256
9b557bc81f0edefc594337a621bf803446df892a2de1ac0dff36d83b392b74e4
SHA512
76dc8db429a0d2d3d7dea1d2c3b5414e4cb58e860cfe3e0c96eb4c4dd838977a805468fb0bcc0d90abbab4dd488e5d5f29b2d996acdb3a11f017fdd510d24744
SSDEEP
3072:T0DpemgVst0qciSU12Eu/CSWznEeNd2LcT65hQt8Cz9B0k6Xq:SpepU127CjzEexUQSq9BH6X
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9b557bc81f0edefc594337a621bf803446df892a2de1ac0dff36d83b392b74e4N
Files
9b557bc81f0edefc594337a621bf803446df892a2de1ac0dff36d83b392b74e4N.dll windows:5 windows x86 arch:x86
e39e4bc2a01a977f85e5be2edea20c09
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
gdi32
OffsetClipRgn
kernel32
CloseHandle
LoadLibraryA
OutputDebugStringA
GetModuleHandleW
GetSystemDefaultUILanguage
GetPriorityClass
wintrust
CryptCATAdminCalcHashFromFileHandle
user32
GetMenuState
TranslateMessage
EnumDisplayDevicesW
DragDetect
advapi32
CloseEncryptedFileRaw
RegLoadAppKeyW
Sections
.text Size: 44KB - Virtual size: 43KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 124KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 320B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ