837ad6446b20555dd272f7be76d0891f19b2fa59229ae49c0169665a309aa7c2N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

837ad6446b20555dd272f7be76d0891f19b2fa59229ae49c0169665a309aa7c2N
Size

37KB
MD5

021fb1a7d87d77a86a3267806f0a59c0
SHA1

f307f498264f6b28069938017ce5424422a26c7d
SHA256

837ad6446b20555dd272f7be76d0891f19b2fa59229ae49c0169665a309aa7c2
SHA512

f6d429e244be7e5b7233a8802bcc490fe428d8db372724515897fd222c177b0800f4170b91e373b9a1b99d45e59af765e283885a9e89667878c8d9e7948be3b6
SSDEEP

768:nmEqHQrmUmb43gqtMUyKM52ptcKHACNmMqWNU+KdRpWbSDHCHFAHM:mEqHQN1ZiUtcAloMqqU+aS2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
837ad6446b20555dd272f7be76d0891f19b2fa59229ae49c0169665a309aa7c2N

Files

837ad6446b20555dd272f7be76d0891f19b2fa59229ae49c0169665a309aa7c2N
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DisconnectHandler
LockHandler
LogoffHandler
LogonHandler
PostShellHandler
ReconnectHandler
ShutdownHandler
StartScreenSaverHandler
StartShellHandler
StartupHandler
StopScreenSaverHandler
UnLockHandler

Sections

CODE
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 382B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ