513bde9cf2f67cb44fe7f1bdefd1d40b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

513bde9cf2f67cb44fe7f1bdefd1d40b
Size

116KB
MD5

513bde9cf2f67cb44fe7f1bdefd1d40b
SHA1

4fd46879fc11f05547cb39ab97ac97c4872f642e
SHA256

d488d9828eac79a9bf9adf1c4a5ba0fb622bd28fb7d328fb23096c5fca942eca
SHA512

84a9c3ccbf3ed9a4e4cf0e6a53dafd1e7c074b39c7652bdfa3a1ef17d55577948a50de4aa4d68346d8e808830f40df9d3182128ca75f8cfd8ef2bce6eb34b00f
SSDEEP

768:/nzQoiSUqZOXQnSrovwCOCu2lqWfmw/1F/+w+AzfNlSyEA0fOt5EMlj4u81Sq9c:/nzQvFqZWQBbHxewdZlSyEcxq9c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
513bde9cf2f67cb44fe7f1bdefd1d40b

Files

513bde9cf2f67cb44fe7f1bdefd1d40b
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE