9d9a3f3810110455adb31d5787313df0f17361fb5aed3daf80d81fefd60851e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d9a3f3810110455adb31d5787313df0f17361fb5aed3daf80d81fefd60851e8
Size

6KB
MD5

66e9bb364a75b6308b48e25e4d6e9ed8
SHA1

964b71cef96cf8cb8f124b081916ae8f6a15dae5
SHA256

9d9a3f3810110455adb31d5787313df0f17361fb5aed3daf80d81fefd60851e8
SHA512

3a2be7cbfbb7c763f1e7ba5342ae9cf915fe0f78c8b895f050b13b2d20d3a18d90357c690007b6998a6df4ab40fdf785066be7b8768b781245654fdd820e870a
SSDEEP

96:VGEETrMLH5faWfQYQzK1k1r2E/oCXnYcW1QTPq6y/iaOuvSH:efMZ/q1rSC3bW18y6ci3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9d9a3f3810110455adb31d5787313df0f17361fb5aed3daf80d81fefd60851e8

Files

9d9a3f3810110455adb31d5787313df0f17361fb5aed3daf80d81fefd60851e8
.dll windows:5 windows x86 arch:x86

a23064e36a7cee786955ca6fd65d4af8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryW
ReadFile
CreateFileW
GetProcAddress
VirtualAlloc
MoveFileExW

msvcrt

free
_initterm
malloc
_adjust_fdiv

Exports

Exports

rundll32

Sections

.text
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 517B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ