0c936070b7daa85ec7543bd22adb17f3d38925b47a6a6ce1f780a5e6e64147dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c936070b7daa85ec7543bd22adb17f3d38925b47a6a6ce1f780a5e6e64147dd
Size

508KB
MD5

3b377abf9bc9e1dfa81c39f3f19b640d
SHA1

720d829b6247e301ee7dba8c23a9e7452cc77f5b
SHA256

0c936070b7daa85ec7543bd22adb17f3d38925b47a6a6ce1f780a5e6e64147dd
SHA512

250448bb2eefdcbbba569c5fc5a5d6f1e95698a245292d59054a46d1652a16b8b7cce16697caa279b844610cdfae1201516b08d4962c851e4c47afee45c543cd
SSDEEP

12288:JmfVL3hV+AvZYm95rsCEZRpr2ApJ4+lBC49J:JmNDjvZYI4XZRpCApSI7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c936070b7daa85ec7543bd22adb17f3d38925b47a6a6ce1f780a5e6e64147dd

Files

0c936070b7daa85ec7543bd22adb17f3d38925b47a6a6ce1f780a5e6e64147dd
.dll windows:4 windows x86 arch:x86

823923e8ca7666456f302c50d232fb85

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

midiStreamClose

ws2_32

closesocket

rasapi32

RasHangUpA

user32

GetClassNameA

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ord17

wininet

InternetCanonicalizeUrlA

comdlg32

GetSaveFileNameA

Exports

Exports

CInit
CUnInit
_��ڴ��е�DLL
_ȡ�ڴ�DLL��ַ

Sections

.text
Size: 495KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE