b9c6307063cc5ddeb86260c9bf4b1d41f48d254d42ead322d79ef6399233234b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9c6307063cc5ddeb86260c9bf4b1d41f48d254d42ead322d79ef6399233234b
Size

7KB
MD5

e79ae677155813ee0b51f4d67f06c19c
SHA1

259c743f30c29ded1164b9ad9b61914a930e8599
SHA256

b9c6307063cc5ddeb86260c9bf4b1d41f48d254d42ead322d79ef6399233234b
SHA512

ad5140017926dfb9ee0bf9910db6ed437e20b80c708b4705663bcc4d5c91a1ea0e318a33a053c5489a8e5c77fa913b313f673f1001281023dc12150197c4a7ef
SSDEEP

192:6KY0YS/qeTFz7Tzs86kdFgmELUQo4/RG2EqMK9jp:6kFd36kHgaDMG2EqF9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9c6307063cc5ddeb86260c9bf4b1d41f48d254d42ead322d79ef6399233234b

Files

b9c6307063cc5ddeb86260c9bf4b1d41f48d254d42ead322d79ef6399233234b
.dll windows:6 windows x64 arch:x64

24588cb7de9f6ab19773827cb092a7af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
VirtualAlloc
GetSystemDirectoryA
LoadLibraryA
WritePrivateProfileStringA
GetProcAddress
SystemTimeToFileTime
GetSystemTime
VirtualProtect
VirtualQuery

shlwapi

SHRegSetUSValueA
StrStrIW

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE