034ba15bbb5d4e4f3a30fb4f569e43a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

034ba15bbb5d4e4f3a30fb4f569e43a8
Size

44KB
MD5

034ba15bbb5d4e4f3a30fb4f569e43a8
SHA1

0c98b751324f81277d2de07d8d7d8ee89d8974a9
SHA256

04d6175a8089b964a182b6d20e424655645dc7b1e7e41700b98b6d9650f547e5
SHA512

a12c8f08a7228da4dbae2b3b06e72784d9e420cfb679263a1adde04f20104b46f078a92f9609e1c22df2ef91a172a7c4556de38b43f806f74bce61b897f10b28
SSDEEP

768:OCSqWQ1geCiGgLTqiqrNYiO5OpBl5Y1rvKNXHZU3hPzbzR992fzSxVHmIU4:pSqWQGPgLTqiniGOpBl24a3NzPX7kIU4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
034ba15bbb5d4e4f3a30fb4f569e43a8

Files

034ba15bbb5d4e4f3a30fb4f569e43a8
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOp
MsgHookif

Sections

CODE
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ