ea84536e1ea87dbdc455251d23d7ea63fc4a3835f9adf203a54cc22f47c3e8feN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea84536e1ea87dbdc455251d23d7ea63fc4a3835f9adf203a54cc22f47c3e8feN
Size

4.6MB
MD5

c2d2311f05bc2591db9ad68f28a22ed0
SHA1

bb3769bf0c84cfe9a154abf7c3c0f7c2d52ba318
SHA256

ea84536e1ea87dbdc455251d23d7ea63fc4a3835f9adf203a54cc22f47c3e8fe
SHA512

86e99fb6085eca80847da12a667057df27d924901792c65f41903a6fa7ce2e7b62d30afc9772dbf09a4924bf1a178cca704b54208788c06045e1b56449cef10a
SSDEEP

98304:2u6vOjpN0H3zgdXgK3c8iBxFs2iqkyyMtFHzkYhAxcikKql3Wp:5Bpm2R3ZEtpz5ATkK63u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea84536e1ea87dbdc455251d23d7ea63fc4a3835f9adf203a54cc22f47c3e8feN

Files

ea84536e1ea87dbdc455251d23d7ea63fc4a3835f9adf203a54cc22f47c3e8feN
.dll windows:6 windows x86 arch:x86

b4ca6f0ad0fe5ce382aa3bee0f2fba93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

Exports

Exports

_SbieDll_Hook@16

Sections

.text
Size: - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.h@n
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

./=A
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.>q]
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ