9837776c1bbee9ca02ab9b4dd760df88d26fd04a6afec9d8fd7e8d0573345f8a | Triage

Sharing

General

Target

9837776c1bbee9ca02ab9b4dd760df88d26fd04a6afec9d8fd7e8d0573345f8a
Size

64KB
MD5

626e0750cb2f17af5824e831fc2e5862
SHA1

6586cf2a864d9a40c97a21a67eb153a849d27148
SHA256

9837776c1bbee9ca02ab9b4dd760df88d26fd04a6afec9d8fd7e8d0573345f8a
SHA512

c9e5827ef180f89dae3f6556861ce611d6208f3f52fc61f71c86e13ee97d328a421bc144d5ae1e66188564518a6ff129c084e610591f6e67de54551e7b1bde67
SSDEEP

1536:mNEglT8gRA4APWfL8lgOii5i4zgi00nh8Y8j:OEYT8yjki14zj8fj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9837776c1bbee9ca02ab9b4dd760df88d26fd04a6afec9d8fd7e8d0573345f8a

Files

9837776c1bbee9ca02ab9b4dd760df88d26fd04a6afec9d8fd7e8d0573345f8a
.dll windows:4 windows x86 arch:x86

78b66e5c7720e8393364b813c462d7a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

I:\src\build\PDK\Simulator\Debug\PDB\Alarm.pdb

Imports

simvcruntimesupport

_allmul
_purecall
_alldiv
??_7type_info@@6B@

Exports

Exports

ComponentLibMain
SysGetRefNum
__ExportDispatchTable
__GetRefNum
__SetPreloadedDispatchTable
__SetRefNum

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ