70ec706d41d30c2c6f13ccf558dc5cfd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70ec706d41d30c2c6f13ccf558dc5cfd
Size

68KB
MD5

70ec706d41d30c2c6f13ccf558dc5cfd
SHA1

0de595737c0dca0e7c7e09460539ea1c493de4d6
SHA256

94e09fca170a35dda41bf221488184c75e0db544f22368bfa5a30e106adc6483
SHA512

4db4203ed1e69952b07e4691ffe0ced4f8a52e5b29a5a5990b3df095e576a731373eee570e256a5c494342cd3dba84ffb96ff28a7340e22dd4cf7ace627b17d0
SSDEEP

1536:WFqXDXQfael+Zo6qP/gISeKbxHKoM7KyURG/uuIpOaFqSla:jDXReEZoJo5dHKoz2dKOafla

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70ec706d41d30c2c6f13ccf558dc5cfd

Files

70ec706d41d30c2c6f13ccf558dc5cfd
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JmpHookOff
JmpHookOn

Sections

CODE
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ