0caf6bdd7a0fd5f2b8ded55cac24dfc3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0caf6bdd7a0fd5f2b8ded55cac24dfc3
Size

44KB
MD5

0caf6bdd7a0fd5f2b8ded55cac24dfc3
SHA1

7501d768f7ebdea7f210217a679b933555b32b58
SHA256

51e0fc5ed1e3645b49774bdcda21c414979bb07efa2355eee64086d96f968fac
SHA512

0d8e568dc3c0de6474cf644f8405422a82878173025c86900cabd375428d65d6a3bc993074aa50a3173960516deb1622dce7a81ab8f637e32760d6e56ca72f1b
SSDEEP

768:/88F+8S1Rh3eBh3mc7qV+UEUWZkocVm+gqK3H94KQuddksMedEL4bIhaD3W6:/jS3U3mc7q5Wm3/gDH94TuTksMKPbIhg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0caf6bdd7a0fd5f2b8ded55cac24dfc3

Files

0caf6bdd7a0fd5f2b8ded55cac24dfc3
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOff
MsgHookOn

Sections

CODE
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ