00c7107844d487ce4812a75cda1c5f81 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00c7107844d487ce4812a75cda1c5f81
Size

101KB
MD5

00c7107844d487ce4812a75cda1c5f81
SHA1

4e0352ac1dfb6f22f51e6e7efbef36c3b263cebc
SHA256

cb8c273faefe20846a8b6bb2fb0b3fea640e880f34c6770fbbc4cb4a5bd02414
SHA512

263176be4bfc724ec9b1f783267d8a0a2e5dc2ded46250f3c27a913715550182325f59033219341c37def0b0b1fd556a08839cb7b5d3567e9392c4802ebc746c
SSDEEP

1536:cDj5Cnh+n1Gx8syj6vrrOXJmgswOPaNF9eJvZDzq35oi6yM0qhM8V4g:+dCh+n1GLyOjguSCvZDzq+0qhL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00c7107844d487ce4812a75cda1c5f81

Files

00c7107844d487ce4812a75cda1c5f81
.dll regsvr32 windows:4 windows x86 arch:x86

78e163d8cd11bbfa8439ab58bd0e3ce6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetVolumePathNameA
AssignProcessToJobObject
LoadLibraryExA
SetCommConfig
GetLongPathNameW

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Gaknclp
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 98KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ