487c2601a913666c5cca299d0825a581f76085adbe85dfec57945d855bb00495 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

487c2601a913666c5cca299d0825a581f76085adbe85dfec57945d855bb00495
Size

374KB
MD5

92e47c741faa3aa2720063ae5b4cc5df
SHA1

ece3f757c6b196faa6c8580b09d99c53c066cd2f
SHA256

487c2601a913666c5cca299d0825a581f76085adbe85dfec57945d855bb00495
SHA512

c61e3c19c1bc0cbb28f7e7581b119c9f2b47dff083696c55d4753976d77357d70704181c31d8fcdc83739bade03530bb9c5fa960798401fa930c78aed2ad86b0
SSDEEP

6144:n8FfByQUbL2FAuDByJiKSB8qIBZ4QXfx7Nq9IyuMv4oZ3Ct79+GKDX++VGxU0GHB:+ByHbL2iubG5BZ4Q57mtiA3cQrDX++V0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
487c2601a913666c5cca299d0825a581f76085adbe85dfec57945d855bb00495

Files

487c2601a913666c5cca299d0825a581f76085adbe85dfec57945d855bb00495
.dll regsvr32 windows x86

d69c6479660f6fc7022a75a7d35f4ebe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

__vbaVarSub

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 365KB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE