9d96850f3796e0d6fb050b2d0ce20fdd02f355b07157e3277b1d0d807d9b6e99N | Triage

Sharing

General

Target

9d96850f3796e0d6fb050b2d0ce20fdd02f355b07157e3277b1d0d807d9b6e99N
Size

184KB
MD5

e71c626e7de07c9723b8cd351aa79a30
SHA1

9570402f39d17b6c5e95f26a04b15ab98eb807f8
SHA256

9d96850f3796e0d6fb050b2d0ce20fdd02f355b07157e3277b1d0d807d9b6e99
SHA512

6f962bcac345b56237acc01dba053a047f43f31fbc4dc55a9c68e0e23b2f0928ce80f993f7fbdf3f52c3b1207102718b1c9e16d15853be0e30b075583ab24fa3
SSDEEP

3072:mW8WgWhVnmr6k/6zsRJLNqTXvMU9tb+/HU6ngm3Wx9ixCH0u:t8qh+66QsRdNiBW/06ngm3WexC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
9d96850f3796e0d6fb050b2d0ce20fdd02f355b07157e3277b1d0d807d9b6e99N

Files

9d96850f3796e0d6fb050b2d0ce20fdd02f355b07157e3277b1d0d807d9b6e99N
.dll windows:5 windows x86 arch:x86

eacc1eddf059a6097fd8d34c586d3907

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegOverridePredefKey
RegisterEventSourceW

user32

ShowOwnedPopups

msvcrt

memset

oleaut32

VarBstrFromDec

gdi32

GetFontData

kernel32

GetModuleHandleW
LoadLibraryExA
GetModuleFileNameA

Exports

Exports

FWroeeWqoinnmw

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ