15b0d05d6d66e0d7de20cf1b9bd976fd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15b0d05d6d66e0d7de20cf1b9bd976fd
Size

30KB
MD5

15b0d05d6d66e0d7de20cf1b9bd976fd
SHA1

c9fafe0ce6a2cdc1926a19643f8fccdd856f3da0
SHA256

7de51d82e18220d47b17682ae50f31e777f9107eec989a82bd92558c8a6b9e87
SHA512

61be88a38ba3e16fe66049ee10f5cee669ff2f7c9e0a0384383af91a3dd13f1959b74c96c3703a1a3c5f62d53cfdcabdc9ebfb4919f4b6b8c32f165b3a52b250
SSDEEP

768:1LM8JjlVmnpNqRW+UWs3AjuKm+pImKdhPWX:1LnjlVmHDWswjGm2AX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15b0d05d6d66e0d7de20cf1b9bd976fd

Files

15b0d05d6d66e0d7de20cf1b9bd976fd
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ClseHook
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OpenHook

Sections

CODE
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ