9c0b7f15cf4fe99d1a2d5bd9088b52e3fd709030d1fddca9124cf65b77b7da1dN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9c0b7f15cf4fe99d1a2d5bd9088b52e3fd709030d1fddca9124cf65b77b7da1dN
Size

32KB
MD5

083489b8868cdfa1063664a22c4f49a0
SHA1

0eb535469bf2b60112f3a4c1f470f8b566cdbb35
SHA256

9c0b7f15cf4fe99d1a2d5bd9088b52e3fd709030d1fddca9124cf65b77b7da1d
SHA512

898c645991556a8c72cd3fef322274f2a49cfd263441101983f7e54ffaf6ec62656db126e6601b7ac76be592d0e8362f6935b87dbb7a075c52a55439a39bb077
SSDEEP

768:1dv3VqpkXc0vVaFYMifHgNH9KxnVbgvqxNxfK/Y/+Jf:1dv3VqpkXc0vVaFYM3NH9KxnKvKNxfKD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c0b7f15cf4fe99d1a2d5bd9088b52e3fd709030d1fddca9124cf65b77b7da1dN

Files

9c0b7f15cf4fe99d1a2d5bd9088b52e3fd709030d1fddca9124cf65b77b7da1dN
.dll windows:10 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-synch-l1-1-0.pdb

Exports

Exports

AcquireSRWLockExclusive
AcquireSRWLockShared
CancelWaitableTimer
CreateEventA
CreateEventExA
CreateEventExW
CreateEventW
CreateMutexA
CreateMutexExA
CreateMutexExW
CreateMutexW
CreateSemaphoreExW
CreateWaitableTimerExW
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSRWLock
LeaveCriticalSection
OpenEventA
OpenEventW
OpenMutexW
OpenSemaphoreW
OpenWaitableTimerW
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
ResetEvent
SetCriticalSectionSpinCount
SetEvent
SetWaitableTimer
SetWaitableTimerEx
SleepEx
TryAcquireSRWLockExclusive
TryAcquireSRWLockShared
TryEnterCriticalSection
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForSingleObjectEx

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ