451674a33a366cb4e0861cdc04bad3f13d8b8eed69f2f24bab82a67fa6a8cabbN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

451674a33a366cb4e0861cdc04bad3f13d8b8eed69f2f24bab82a67fa6a8cabbN
Size

155KB
MD5

2eb086220d1771e7cc8fc31e7b91acc0
SHA1

5f06c0f96e449e37979feb2b13fdf111c0b18733
SHA256

451674a33a366cb4e0861cdc04bad3f13d8b8eed69f2f24bab82a67fa6a8cabb
SHA512

fc015ac6d244c90edaaaecd81b8d50870eed89c846f73c1eb727217d3d8fdd8208dfce8348aa9fbb0ec5ac9ff3afa58fb79829fb0dbf2711652843a25c5ca5a2
SSDEEP

3072:JXyEstoBeZDWYec7glIZCWpf768ufNy/5d:JXyEHBeZDWYTLZCWpug/5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
451674a33a366cb4e0861cdc04bad3f13d8b8eed69f2f24bab82a67fa6a8cabbN

Files

451674a33a366cb4e0861cdc04bad3f13d8b8eed69f2f24bab82a67fa6a8cabbN
.dll windows:4 windows x86 arch:x86

ce361dcaf7c77906d3027bd77eada688

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
GetTickCount

msvcrt

free
malloc

shlwapi

PathFindExtensionW

secur32

QueryCredentialsAttributesA
AcquireCredentialsHandleA
ImportSecurityContextW
AddSecurityPackageA
EncryptMessage
EnumerateSecurityPackagesW

Exports

Exports

EnterAccess
PolyControlStation
URLOpenPFXBlobValidAllocSecurity

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

H
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Rz
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text/BA
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ