8b500fc0bfb7248d7575587de998ab52ae196538b12cf6e85c2b4a0b30bab932 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b500fc0bfb7248d7575587de998ab52ae196538b12cf6e85c2b4a0b30bab932
Size

6KB
MD5

b5ec48bc0d6933ca6713a833bfc5d27c
SHA1

625650c82d62a85a2c76fd997c7a2fecae7ada5c
SHA256

8b500fc0bfb7248d7575587de998ab52ae196538b12cf6e85c2b4a0b30bab932
SHA512

027de5218239363ae71bfd6ab7be3dc0bdcceec2571396e48ce475fea1f5d0ed5e5450f32799f2c811daa66aea9852ebe88a639c50569fc44e9e3aff84296182
SSDEEP

96:zrDnJeMA4cJHKasP10wWtSKec8LeP6+osSiu8OJRU/yxhan2xuDx9BWD4E:3Dn7A4chWYt3e7E6+bSiMRU/Uh02CWE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b500fc0bfb7248d7575587de998ab52ae196538b12cf6e85c2b4a0b30bab932

Files

8b500fc0bfb7248d7575587de998ab52ae196538b12cf6e85c2b4a0b30bab932
.dll windows:6 windows x64 arch:x64

537dce258a98019f30e23d3bffbeb8f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
VirtualAlloc
GetSystemDirectoryA
LoadLibraryA
WritePrivateProfileStringA
GetProcAddress
SystemTimeToFileTime
GetSystemTime
VirtualProtect
GetSystemInfo
VirtualQuery

shlwapi

SHRegSetUSValueA
StrStrIW

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE