5750ae1cc954c2b345a92a182e1ad33c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5750ae1cc954c2b345a92a182e1ad33c
Size

57KB
MD5

5750ae1cc954c2b345a92a182e1ad33c
SHA1

858762b95d4eda09ee9eedb6408894bfb54af7f5
SHA256

31246883868afdaffc5400d85eae54fa74844549aab4bc9ced6644d9787c8352
SHA512

5a78b9d80d5185ca7d47fff6ec2a0be45a44c9db92113d8cb95049d0849325393369b1d228fdccaf9bddcb75b8175066de3a99a36f52d1898f30e665709d1dee
SSDEEP

1536:dZoOQeP15YCslCvzF757+Rcl/K5InG4XJ:A6fslCrF7QcNqQJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5750ae1cc954c2b345a92a182e1ad33c

Files

5750ae1cc954c2b345a92a182e1ad33c
.dll regsvr32 windows:6 windows x64 arch:x64

cfa8dd488fd4044f7dbcc5838881a33c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetCurrentThreadId
GetCurrentProcessId
GetProcAddress

Exports

Exports

?druio@@YAHXZ
?dweby@@YAHXZ
?hoprtw@@YAHXZ
DllRegisterServer
PluginInit

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ