0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802[.]zip

General

Target

0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802.zip
Size

561KB
MD5

9349bd5ad7e9775b2b7e0acd6975c971
SHA1

66974b1e59613e51dfe87279691fc04aa7e0c80c
SHA256

48eb709102991af6a20e5bb924a7fdce72427953a09d49e13275a23ee4cc7aef
SHA512

4f91068ed268daee060bcfb3870272550201ef4118324a6506998b9c5084ad5f5b27556be15a9754ac28a73a2edb79ab493f65582c87ced3ca51a368162d09bc
SSDEEP

12288:qS4heD7AidSaAO/wZaaVy0VNXL4vtprT+9axmrTlHP/EgYd2:qS4heDUidSaA+qVrVNb4vTWKmrhv/rR

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802.dll

0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802.zip
.zip

Password: infected
0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802.dll
.dll regsvr32 windows:6 windows x86 arch:x86

Password: infected

fd5af0ab7a5a3177d30a084a47566c4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

RtlComputeCrc32

kernel32

GetCommandLineW
lstrcpyW

shell32

CommandLineToArgvW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data2
Size: 420KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ