0915c61c390cc15840e5c272579b4036 | Triage

Sharing

General

Target

0915c61c390cc15840e5c272579b4036
Size

47KB
MD5

0915c61c390cc15840e5c272579b4036
SHA1

7489ac8b8ee3d3b4e1a04577f3be2dd27fc6ef3b
SHA256

6ffdf68c775c08b5bb841cea6081e48882202e7207180732f83f6aeb092c4bcd
SHA512

86ec74f1642f1bd5255853a6b9b775d7b7d597aad04656cd3124b199d7ee4d3df5d825974efeb30da8f5ded6cc39b093dd5c5fecac55cd43ad83aa320ab9d6bd
SSDEEP

768:nX50im89ItcaT/nqtidf4x0QWwsBNXJpGfIbdKU/o:np0z8WJ4xHWnBNX7GfudKUg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0915c61c390cc15840e5c272579b4036

Files

0915c61c390cc15840e5c272579b4036
.dll regsvr32 windows:4 windows x86 arch:x86

86dfb80a5ed6f3e5943596af63234fc6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

connect
htons
closesocket
WSAStartup
socket
recv
ioctlsocket
send

kernel32

LocalFree
LoadLibraryA
GetProcAddress
GetLastError
GetModuleFileNameA
GetSystemInfo
WideCharToMultiByte
GetModuleHandleA
InterlockedDecrement
GetCurrentProcess
lstrcpynA
CreateFileA
FlushInstructionCache
Sleep
CreateThread

user32

wsprintfA
CallNextHookEx

ole32

CoCreateInstance
OleRun

oleaut32

SysAllocString
VariantClear
SysFreeString
GetErrorInfo

msvcrt

_adjust_fdiv
_strdup
_stricmp
_strupr
??1type_info@@UAE@XZ
_initterm
_onexit
__dllonexit
_CxxThrowException
strchr
free
isalpha
isdigit
realloc
malloc
wcslen
??2@YAPAXI@Z
sprintf
??3@YAXPAX@Z
__CxxFrameHandler

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ