DllRegisterServer
Static task
static1
Behavioral task
behavioral1
Sample
d3d24cfc0f5d15b4f6160e539f45a7786fce3be249d56811e9b7f0368967e396.dll
Resource
win7-20230712-en
General
-
Target
11606333877.zip
-
Size
318KB
-
MD5
a3044047bcd338a7e16a05b0900c2826
-
SHA1
2609bcd0912809d1dfa43066b6bcde08fcf1d7ab
-
SHA256
c37b38c013fe3e845e9bee5697e21d5cc3a43d156d31a09dd9e6e537a7de1cf4
-
SHA512
dc7c05ffd3b3c50fb0901804742ac39c4ff76e93a74659df8f40a7ffa148cb0e72df6d029cf4759e44ab70501ad31eb195f0c736155133981112ba0f096006c8
-
SSDEEP
6144:khRBgaEH58WX6PPtV3yd9cu5xGLXteCbiUqKFw+YrR0JpCYfvS0/:kh9Y51X6PPb/GGrteCbi9KPYrbY3S0/
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/d3d24cfc0f5d15b4f6160e539f45a7786fce3be249d56811e9b7f0368967e396
Files
-
11606333877.zip.zip
Password: infected
-
d3d24cfc0f5d15b4f6160e539f45a7786fce3be249d56811e9b7f0368967e396.dll regsvr32 windows x86
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Exports
Exports
Sections
.text Size: 46KB - Virtual size: 45KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pht Size: 553KB - Virtual size: 553KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ