b6f039c5f39fa7366d942d7f138ad34362cf337d43398e23b3cf38e780e52287N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6f039c5f39fa7366d942d7f138ad34362cf337d43398e23b3cf38e780e52287N
Size

196KB
MD5

3def8a8ee047408b62f0f16f2435b7c0
SHA1

8f206b73f62815811de611b216bcc26a91714742
SHA256

b6f039c5f39fa7366d942d7f138ad34362cf337d43398e23b3cf38e780e52287
SHA512

18b4c84c82078d995ca530705eddef73e9f7667b80e1756ec72a59d114646d77986197ffebd5ac358d3ac0ce23538ebd849a4f93c1a7b2f77d521405f3c34a82
SSDEEP

3072:GTUj3RznaqHquU076NDeELnYDFm4h4/uuw2AAv4NRIb:/zaHl0mNHAvh4PwGgS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6f039c5f39fa7366d942d7f138ad34362cf337d43398e23b3cf38e780e52287N

Files

b6f039c5f39fa7366d942d7f138ad34362cf337d43398e23b3cf38e780e52287N
.dll windows:4 windows x86 arch:x86

9a7d28dd3f152af1c22e91305b9b06f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetConsoleCP
ExitProcess
IsBadStringPtrA

user32

GetDesktopWindow
ShowWindow
IsWindowUnicode
OpenIcon
AnyPopup
IsWindow

advapi32

RegEnumKeyExW
GetTokenInformation
DuplicateToken
CheckTokenMembership
FreeSid
RegOpenKeyW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
OpenSCManagerW
OpenServiceW
RegDeleteKeyW
QueryServiceConfigW

Exports

Exports

InformationBeInIntoCreated
TechnologiesVersionMechanismTechnology

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 850B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ