89c044dbc2d50a5ff866718db8f186223400d628e6de0136f0c557f4d5b87442N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89c044dbc2d50a5ff866718db8f186223400d628e6de0136f0c557f4d5b87442N
Size

371KB
MD5

183867034d62ca14db96f1c2003c6df0
SHA1

782f5be883b4cd7f3c11dd5d2f9c09e0394d4986
SHA256

89c044dbc2d50a5ff866718db8f186223400d628e6de0136f0c557f4d5b87442
SHA512

92ca270a8f4024cace7e8ce8c8a9ccf790548b5e5ea13e602948657b74a0cc0192e0eaf00e6babbce1f3de3fb885e98545b8d15fea0a508731bb97d14993803e
SSDEEP

6144:phQk8oJuQe099Yk7ZHq/MiR1FJ8VgpcmItmXB5S7CDyaX9V3p4:3Oo0Qe099t1HYzzFylntE5kKyaX7Z4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89c044dbc2d50a5ff866718db8f186223400d628e6de0136f0c557f4d5b87442N

Files

89c044dbc2d50a5ff866718db8f186223400d628e6de0136f0c557f4d5b87442N
.dll windows:4 windows x86 arch:x86

e8d6aeb790907e9332bcb5651419c64a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetLocaleInfoA
GetLongPathNameA
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleMouseButtons
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetACP
GetTapeStatus
GetThreadLocale
GetTickCount
InitializeCriticalSection
InterlockedExchange
LoadLibraryA
Module32FirstW
Process32First
QueryPerformanceCounter
VirtualAlloc
WaitForSingleObject
lstrlenW
FreeLibrary
FatalExit
ExitProcess
GetSystemTimeAsFileTime
CreateProcessA

advapi32

RegOpenKeyExA
RegEnumKeyA
RegCloseKey
RegQueryValueExA

ole32

StringFromCLSID
CoTaskMemFree

Exports

Exports

LoadVolumeFromVolume
MatrixDecompose
SHDot
SHEvalSphericalLight
SchemaIsClassAContainer

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ