03b066246003814bde75b991b45208c8 | Triage

Sharing

General

Target

03b066246003814bde75b991b45208c8
Size

99KB
MD5

03b066246003814bde75b991b45208c8
SHA1

cc68211c3f5db2c23d2f54433f41a18e22bcbc6c
SHA256

d4720fbadd18ebce1c854925d8bc71d6772f9855773b7fa5260f1817a19bad21
SHA512

1e62b4493f45cc1bba947f850f18f9fa6460267ea130082a3216437200126eec8343385e88afaccd53ab53eac1e3276c5994f56ad29d89d2e944cbd70c755f03
SSDEEP

3072:/501wxblRZ/RVXVdMvxFQLvHvtiW2MSK:/9xjxbMxWLvHc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03b066246003814bde75b991b45208c8

Files

03b066246003814bde75b991b45208c8
.dll regsvr32 windows:4 windows x86 arch:x86

891f07a377442d3ed524de389ee6d3ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
SystemTimeToFileTime
GetConsoleFontSize
TerminateJobObject
FindVolumeMountPointClose
LoadLibraryExA
GetDevicePowerState
WinExec

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Ionmgoc
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.none
Size: 96KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.none2
Size: 512B - Virtual size: 478B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mnon
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ