1d861d1ff84137692fefadd60692453c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d861d1ff84137692fefadd60692453c
Size

101KB
MD5

1d861d1ff84137692fefadd60692453c
SHA1

2694c36c127baf45a82c7d187cb0ea60d85766c5
SHA256

6e1c9ba216626e907f25eb6885c69c9aef4641725fc44730d6d8e14018bab944
SHA512

6a59b76df03475c6d4e4eed91b3fa08501ea5f1bbf65e5ccdb2e0c0b639a8228f3f7fedeb0d4598c89f447dbb9d20bfbab465c42341fd9dae78d772cae799319
SSDEEP

3072:QcNz3E2MgglZVKdd/27Z1/kQdFsNV0gV/X:JNjNpglyj/2tJjFsjv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d861d1ff84137692fefadd60692453c

Files

1d861d1ff84137692fefadd60692453c
.dll regsvr32 windows:4 windows x86 arch:x86

03cd6398ab755d36126b41dc9fb195da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
DuplicateHandle
ProcessIdToSessionId
GlobalCompact
Module32FirstW
SetLastConsoleEventActive
LoadLibraryExA
EnumResourceTypesW

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Jdkkhdk
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 98KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ