2152b063277922682d873734ecf65c90f7be1493ef3fa4aaf21c12f012117fdaN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2152b063277922682d873734ecf65c90f7be1493ef3fa4aaf21c12f012117fdaN
Size

83KB
MD5

2744cf79823336808341be2b3b80a190
SHA1

604e4028179d84fc79e1b7591fa2313ed12400c7
SHA256

2152b063277922682d873734ecf65c90f7be1493ef3fa4aaf21c12f012117fda
SHA512

3d8d3ee540769f542475c93274e4f69cd3677cf4f76dda165696fe909930dca4494adc58d01d65be2b68b9e585beed044a251ec6ee1a5a4c342585dbfdf29b44
SSDEEP

1536:HgqJTsaYYrmmxT7yD2GAnhUaZ2sKGr31UQysNJ:JTZEmxv42G0OaK031UfsNJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2152b063277922682d873734ecf65c90f7be1493ef3fa4aaf21c12f012117fdaN

Files

2152b063277922682d873734ecf65c90f7be1493ef3fa4aaf21c12f012117fdaN
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetMir1UserPwd
GetMirAServer
HookProc
InstallALLHook
Test

Sections

CODE
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ