43351d1c614c1372daa807778b923408c3583499fdb9ee313656c906bca5862e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43351d1c614c1372daa807778b923408c3583499fdb9ee313656c906bca5862e
Size

1.4MB
MD5

7d59914ae8983e86b991864da1ea8777
SHA1

f776d96b2d0ce63f211c2765abb938700c03a26c
SHA256

43351d1c614c1372daa807778b923408c3583499fdb9ee313656c906bca5862e
SHA512

e15779d9fa4d61ba1c761dd4ef6c6532b1aeca6a00b20ed34629750e004b88057bde0fcc2fc77aae3ecc586479d6992f3d30bf9b4bf80339041d9c26a294156a
SSDEEP

24576:es1Xcd8zItQ8yf2LU/HObsWfeTOeqe3fo7AXFOng6uMQPaQNxC/YgnJgb:eWXtzI8uexTaEQ3gpfC/YgnJg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43351d1c614c1372daa807778b923408c3583499fdb9ee313656c906bca5862e

Files

43351d1c614c1372daa807778b923408c3583499fdb9ee313656c906bca5862e
.dll regsvr32 windows:4 windows x86

5d2f5abeca268ec50902fd2ebeb9c4ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

__vbaVarTstGt

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.4MB - Virtual size: 20.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE