MSIE5A[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

MSIE5A.dll
Size

5.5MB
MD5

55282c7d2a483cfa9cffd7752c0e0c88
SHA1

81325abb4b35d23b1ebae08b2febf325217ae353
SHA256

6c596efe9f4c63a592c0ad9e42c936151479c93d0f55731973723bb517e29a75
SHA512

f9604b5b54689964a51cb9fa752e9d28a31b26fe2e11fc2dfd14384a3085079f6d85113fcc60b899ff98ba7289e3ff16ef3bf9bdaa24027179df1e23bac27673
SSDEEP

98304:e3OtZdlWPDRabO7mev+fRh3/nwvuXD1jNmSER3bv+QSKpa8A2yxHXZUkGFWgNH8n:dtZdYPgbOi5Ma8b0KRNyxHWkyWX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MSIE5A.dll

Files

MSIE5A.dll
.dll windows x86

26743bd67965998be9966d88940cc6ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

comctl32

FlatSB_SetScrollInfo

shell32

Shell_NotifyIconW

user32

CopyImage

version

GetFileVersionInfoSizeW

oleaut32

SafeArrayPutElement

advapi32

RegEnumKeyExW

netapi32

NetWkstaGetInfo

msvcrt

memcpy

winhttp

WinHttpGetIEProxyConfigForCurrentUser

kernel32

GetVersion
GetVersionExW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

ole32

CreateBindCtx

gdi32

Pie

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
hZYMZiLEu

Sections

=*A)rXys
Size: - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

bhUN`,N]
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

3>d\1"=?
Size: - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

&CzlNb;m
Size: - Virtual size: 32KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/YRT:wUg
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

C;)ion6g
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bqN@:6?o
Size: - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

")M<]yp'
Size: - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

9VYcUW0'
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

[:.>\lq"
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

'D=>)JmF
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

HoHLY*14
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

KhL18EFz
Size: 8KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26743bd67965998be9966d88940cc6ad

Headers

File Characteristics

Imports

comctl32

shell32

user32

version

oleaut32

advapi32

netapi32

msvcrt

winhttp

kernel32

ole32

gdi32

Exports

Exports

Sections

=*A)rXys Size: - Virtual size: 6.5MB

bhUN`,N] Size: - Virtual size: 18KB

3>d\1"=? Size: - Virtual size: 87KB

&CzlNb;m Size: - Virtual size: 32KB

/YRT:wUg Size: - Virtual size: 14KB

C;)ion6g Size: - Virtual size: 8KB

bqN@:6?o Size: - Virtual size: 174B

")M<]yp' Size: - Virtual size: 69B

9VYcUW0' Size: - Virtual size: 1.7MB

[:.>\lq" Size: 3KB - Virtual size: 3KB

'D=>)JmF Size: 5.5MB - Virtual size: 5.5MB

HoHLY*14 Size: 7KB - Virtual size: 6KB

KhL18EFz Size: 8KB - Virtual size: 430KB

=*A)rXys
Size: - Virtual size: 6.5MB

bhUN`,N]
Size: - Virtual size: 18KB

3>d\1"=?
Size: - Virtual size: 87KB

&CzlNb;m
Size: - Virtual size: 32KB

/YRT:wUg
Size: - Virtual size: 14KB

C;)ion6g
Size: - Virtual size: 8KB

bqN@:6?o
Size: - Virtual size: 174B

")M<]yp'
Size: - Virtual size: 69B

9VYcUW0'
Size: - Virtual size: 1.7MB

[:.>\lq"
Size: 3KB - Virtual size: 3KB

'D=>)JmF
Size: 5.5MB - Virtual size: 5.5MB

HoHLY*14
Size: 7KB - Virtual size: 6KB

KhL18EFz
Size: 8KB - Virtual size: 430KB