35b4c0ccd2ebdc99270d1468d55b436a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35b4c0ccd2ebdc99270d1468d55b436a
Size

157KB
MD5

35b4c0ccd2ebdc99270d1468d55b436a
SHA1

5a495cf8d9b691f17695dbaf92f50570718e8577
SHA256

cb61f43d58c332c8429d88729ab23361717eb99afbd65abe5f39c464807bfd59
SHA512

5b4cb3f0a3d14189f3117062c291a7150d6c944337dd8c2bc7e3016997e64063601265f851d1b26e0887875da6e42e4f07ac53092def45cb889eb66514375966
SSDEEP

3072:VZUS7R1PZUS7R1PZUS7R1PZUS7R1PZUS7R1:VZdvZdvZdvZdvZd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35b4c0ccd2ebdc99270d1468d55b436a

Files

35b4c0ccd2ebdc99270d1468d55b436a
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
drtryu

Sections

CODE
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ