b5268dc70cd327b4de41920d63d318ea21e9f1b2a2564c7a7a2ec49fdc26b0f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5268dc70cd327b4de41920d63d318ea21e9f1b2a2564c7a7a2ec49fdc26b0f6
Size

2.4MB
MD5

98a57a1a1ab3fa46fcc7ec0755fe266d
SHA1

a9a0687eb747e300660d0ff735a49eba7764d7ef
SHA256

b5268dc70cd327b4de41920d63d318ea21e9f1b2a2564c7a7a2ec49fdc26b0f6
SHA512

c1fc40b9b26c8454749ccdd36bdcc3036195f0433d6eefd3ff5f7ad737547db46179b93ee574d0a4e2b091c660ce25c01cf5dbbccafeb19f7dffdc4e26eb2262
SSDEEP

49152:b3Bg7C4hpmuw8tT+/wov16GgCceVZdd0Rou1/vzTNcGIIodE:buJTLwW+Yod6GhcCvdcd1XzrIIodE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5268dc70cd327b4de41920d63d318ea21e9f1b2a2564c7a7a2ec49fdc26b0f6

Files

b5268dc70cd327b4de41920d63d318ea21e9f1b2a2564c7a7a2ec49fdc26b0f6
.dll regsvr32 windows x86

80a3a1e9ee7f23e76fab64272f257205

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

InvalidateRect

gdi32

CreateRoundRectRgn

advapi32

RegEnumValueA

ole32

CoRegisterMessageFilter

oleaut32

SysAllocStringLen

shlwapi

UrlUnescapeA

oledlg

ord8

ws2_32

inet_addr

wininet

HttpQueryInfoA

oleacc

CreateStdAccessibleObject

winspool.drv

DocumentPropertiesA

comdlg32

GetFileTitleA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 2.2MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE