39f9c1443f06ffa24a1ca596966919dd7f9cb4f95a716812e87652f93eeb50cdN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39f9c1443f06ffa24a1ca596966919dd7f9cb4f95a716812e87652f93eeb50cdN
Size

120KB
MD5

471365f8a076d90501b7ac8a37d50120
SHA1

29ed74f096e7a473f4e413dcaeeb2f04dc9707e6
SHA256

39f9c1443f06ffa24a1ca596966919dd7f9cb4f95a716812e87652f93eeb50cd
SHA512

cfe6a0b10c26843859c9d8453802cb46fbe18795b85218f8dbe793e5ee4b5ea03c17a5e7e7a56c912bd2de1c6be955328d886413c4a2b9e9007fd4cb444492e3
SSDEEP

1536:R68BvU6rIhZQPpkXLo2kB+7iWuNAC2WL/uxRBygV9kOaOhYqrWiof:R6svUS4QgS7WAAtWL/uxRIgrxvn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39f9c1443f06ffa24a1ca596966919dd7f9cb4f95a716812e87652f93eeb50cdN

Files

39f9c1443f06ffa24a1ca596966919dd7f9cb4f95a716812e87652f93eeb50cdN
.dll windows:4 windows x86 arch:x86

0f44bf2b3b0b8d5ecae5689ff1d0e90d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode

user32

wsprintfA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ