56ee92cfb9e07bfc1d9867c68f8c37d455cf07d61103975b071324188d814ebe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56ee92cfb9e07bfc1d9867c68f8c37d455cf07d61103975b071324188d814ebe
Size

6KB
MD5

bf3b35966d9d391c8c9d4a5714e956a4
SHA1

5194075e8537506f458ddf778f4da3997c33c5e7
SHA256

56ee92cfb9e07bfc1d9867c68f8c37d455cf07d61103975b071324188d814ebe
SHA512

d65e44a6986182944a3e33e5f0d3b817386ea2cca168a973401df21e81f2c4c3df2388a98c45bde00e171cc3cde6a0c21c8c1118b5e6790a7f87ff5234ff3b58
SSDEEP

96:DixZjmjtjd8jPjcZGR5TIe+anTGrM4H5kCK6n6q4TeVU636y14vs:unSR6bgY+aq4ouc7IGVOs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56ee92cfb9e07bfc1d9867c68f8c37d455cf07d61103975b071324188d814ebe

Files

56ee92cfb9e07bfc1d9867c68f8c37d455cf07d61103975b071324188d814ebe
.dll windows:5 windows x86 arch:x86

33eb74cdd77dab1b168bbaa130115a9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
CreateFileW
GetProcAddress
LoadLibraryW

user32

PostMessageW

msvcrt

free
_initterm
malloc
_adjust_fdiv

Exports

Exports

rundll32

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ