b650739b73417864b01904a1512776d7b495f51bc9775e1780c4ebfae67c17e4 | Triage

Sharing

General

Target

b650739b73417864b01904a1512776d7b495f51bc9775e1780c4ebfae67c17e4
Size

188KB
MD5

f7a3c6a8d6de8e08e27c54a1d8396b48
SHA1

2221b1c84777eab0f0026145697acb266a827239
SHA256

b650739b73417864b01904a1512776d7b495f51bc9775e1780c4ebfae67c17e4
SHA512

3e972de01cc624d7890f660bd0bdc898957a9c6b09296607653595f407cdaa593edb13e83da3ce847d636e72f258ae70be1243da258997c17ed57965b51bb6b4
SSDEEP

1536:sdRIWul3x8aGG/1hbaZGBDOOOOOOOOOO+S0OOOOOOOOpFOOOOOOOKifOOOOOOOOQ:yml+s/1B8FiLbbInt+NRyr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b650739b73417864b01904a1512776d7b495f51bc9775e1780c4ebfae67c17e4

Files

b650739b73417864b01904a1512776d7b495f51bc9775e1780c4ebfae67c17e4
.dll windows:4 windows x86 arch:x86

1d5a05cf7aed59c90f3f52d09111adf7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ