dd01b985713a69edbed83e1db3cb79d388894b921bcdf7d9f028c6fb064598e2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd01b985713a69edbed83e1db3cb79d388894b921bcdf7d9f028c6fb064598e2
Size

12.4MB
MD5

b3b0722b5088e3c674bcd02472dc723b
SHA1

368e36cc2b46b86ae540de130151d3806d0c50d5
SHA256

dd01b985713a69edbed83e1db3cb79d388894b921bcdf7d9f028c6fb064598e2
SHA512

e0493659727e7495a30e4f6cc382350469feed6da65bb1f066dbd4c66e99987c5be141f6299b5f63d07bebc0f19b2611cd027b2fc439a36ca19bf71936868d59
SSDEEP

196608:s+MglCMSj2VjC0FL97nP+GuD8gzZLvRfGM3ivEUPYqlze8lPEe7MZiN4AOIA0:zZFL5juD8gnr3wzecPtjOI9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd01b985713a69edbed83e1db3cb79d388894b921bcdf7d9f028c6fb064598e2

Files

dd01b985713a69edbed83e1db3cb79d388894b921bcdf7d9f028c6fb064598e2
.dll windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

PassNgsLoading
_��ӳ��
��_ȡ��·��
Ŀ¼_ȡsystem32Ŀ¼
�ļ�_ȡ��չ��

Sections

Size: 9.9MB - Virtual size: 12.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jtikqdtn
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qvouawib
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE