05a45fae15c54354c561807ca14b56b3 | Triage

Sharing

General

Target

05a45fae15c54354c561807ca14b56b3
Size

22KB
MD5

05a45fae15c54354c561807ca14b56b3
SHA1

4f167695c4c92d8c678d5d19dfb1ec486d32dbf9
SHA256

9ad62732fcc8d4fe8987f5b8a43a88ce2caade7defc97b7380ae4b3413dffc2b
SHA512

5f9787cb954ff2e84710a314e44c93c640491d3857e0ed80c998f236ea4cc2661d8b7297238b2da68017c3f60d992a6c3f8e93286358aadd54981671832f4660
SSDEEP

384:CWeHd2vDIdFJG98WDq/Z5EEE8X/dY8TG40pKx7CSRgQZpzIzRpyTEcGmdmUGYYz:A924sChRlu/npKx+SRgQZBqpyTEZm7GF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05a45fae15c54354c561807ca14b56b3

Files

05a45fae15c54354c561807ca14b56b3
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JmpHookOff
JmpHookOn

Sections

Size: - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE