f4b170ae1756bdc0a51dce83218c787a3f904eff26bf8e2a2840e44d32871b85N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4b170ae1756bdc0a51dce83218c787a3f904eff26bf8e2a2840e44d32871b85N
Size

1.1MB
MD5

dcc8cfdc37905c0c1302a4a336362540
SHA1

8e87439052963f02947d4da11f780c6ad083f45c
SHA256

f4b170ae1756bdc0a51dce83218c787a3f904eff26bf8e2a2840e44d32871b85
SHA512

d337aaa10bffddd0003a1598627239d7fa963699eda7320b9ddd74e9ebac344ac10b69b5480762da53807e5af3e1ddb45328bb122c52b860ade03442898cc550
SSDEEP

24576:WHrXCSRDMX/XZDbz+mwiq9yxeD0Vw+OAFC0B2fEReFwe8mwOA:wHM/ZCmOGeD0xBpYwe8mM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4b170ae1756bdc0a51dce83218c787a3f904eff26bf8e2a2840e44d32871b85N

Files

f4b170ae1756bdc0a51dce83218c787a3f904eff26bf8e2a2840e44d32871b85N
.dll windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 267KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1020KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rngcaism
Size: 824KB - Virtual size: 824KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nuafrigm
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE