2aea8e847a17319f78b9e8a1d3b6c48611cfc02e216ecd7af3a72f6720f1cd7d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2aea8e847a17319f78b9e8a1d3b6c48611cfc02e216ecd7af3a72f6720f1cd7d
Size

831KB
MD5

b9ea0fc024772c9043724cf976213067
SHA1

27939372245d21e5f0d8b3b6432d2f08a6e53131
SHA256

2aea8e847a17319f78b9e8a1d3b6c48611cfc02e216ecd7af3a72f6720f1cd7d
SHA512

28c7683367ebc0fcc2775066bb6697f97aaea1e12b40b2f3694803730d3d9cb19fcd3c2e63cad07ba49fcd5f9283b1085f2fa141db6f13dbb036534ce8f4e4b3
SSDEEP

24576:jhAHIpERdxj+7TPpcPYBKiAYXwYLkIXyMjpD:KopEJi3PpcOVxJD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aea8e847a17319f78b9e8a1d3b6c48611cfc02e216ecd7af3a72f6720f1cd7d

Files

2aea8e847a17319f78b9e8a1d3b6c48611cfc02e216ecd7af3a72f6720f1cd7d
.dll regsvr32 windows:4 windows x86

5d2f5abeca268ec50902fd2ebeb9c4ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

__vbaVarTstGt

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 817KB - Virtual size: 26.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE