0bef4db3745b67e43f95e94e7d7d7157 | Triage

Sharing

General

Target

0bef4db3745b67e43f95e94e7d7d7157
Size

49KB
MD5

0bef4db3745b67e43f95e94e7d7d7157
SHA1

3edc0f7acd2e3002c58c6d30e7ffd2df9170f645
SHA256

e1b0a6a635c9370b90dd15a6349b8222cd90a822cd7daf3abe28a425bef4df27
SHA512

aaafc22d6f5fec2c7d8b8c4137f9737c91808c232695c47888afbc9ecde0e69016a3882761a9bc17a140f58f2beffc852fd6fd7895ec13b49df29f75d2c9803c
SSDEEP

768:TmpM8NNPVOTh87RRd4Qxr+xJMV0vBJ4vrv40Op5Fm1x6HQpdEvCeXJ36y:TaLcKlRdXqTMV0vBJOD4d3m1x6HA+cy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bef4db3745b67e43f95e94e7d7d7157

Files

0bef4db3745b67e43f95e94e7d7d7157
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
HookOff
HookOn
MsgHookOff
MsgHookOn

Sections

CODE
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 237B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ