faa82d8dfa0a769f4ebb705c9a71f4b0 | Triage

Sharing

General

Target

faa82d8dfa0a769f4ebb705c9a71f4b0
Size

188KB
MD5

faa82d8dfa0a769f4ebb705c9a71f4b0
SHA1

e6626b7f774f10fb6814fe0d40bd7a998c2967b3
SHA256

8dc8ec6686f5f6337bcd8feb5990d3f97bdbbc10148111f6ea479fc158cf77f0
SHA512

c58a8332cf0a0009853ef2c075294d5e60e9b567e901d2681d6c47c278dbf7ea102333a6188b4fdc4ceddf0ef61a45b5240fdd06476334e4a49cc6d8946f49e8
SSDEEP

3072:ZhzqmA94gdzq8d4S8Sv6SZpc/TZGntNAQkG28Bc6hDh9kddwydcgIyLnZlUxAYkp:Z48MyOXAQkWh9qFbn3z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faa82d8dfa0a769f4ebb705c9a71f4b0

Files

faa82d8dfa0a769f4ebb705c9a71f4b0
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
HookProcASV2
RemoveHook
SetHook
SetHookEx

Sections

CODE
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 246B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ