556f89fce83ea0d414cef568c99fba526bf1027972e1445462ed62df540f9a50N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

556f89fce83ea0d414cef568c99fba526bf1027972e1445462ed62df540f9a50N
Size

70KB
MD5

f4fc13d152f59f2defc7dbac61bc29f0
SHA1

ca03227003233282a0a21683aa18b566200c5640
SHA256

556f89fce83ea0d414cef568c99fba526bf1027972e1445462ed62df540f9a50
SHA512

c0c8b3a8ef6d8a59d1214846db73976cba30277872c1444d44a5822ea107d4d1fecf58b83c1a068d9ca6634dd19820afc2afb8db56fcf3c061d1c09fd4ebb378
SSDEEP

1536:g2NNyGkHjkDzELu4U9MCk+HWg2M9NyR8HvVUuAdZ5/yIOsp:guAGWIz8I9M+2gxNyR8iPa8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
556f89fce83ea0d414cef568c99fba526bf1027972e1445462ed62df540f9a50N

Files

556f89fce83ea0d414cef568c99fba526bf1027972e1445462ed62df540f9a50N
.dll windows:4 windows x86 arch:x86

b09e9d40faacccc80f5064ec04df674b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_vsnprintf

gdi32

GetDeviceCaps

user32

GetWindowRect

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 15KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE