0f1fafb0ee16f135cad2ac451d577a5d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f1fafb0ee16f135cad2ac451d577a5d
Size

167KB
MD5

0f1fafb0ee16f135cad2ac451d577a5d
SHA1

08b5a62ed3b75bb82f5e770b16808ebbc0e2b076
SHA256

67f1e18a4f0cf8d90aa8ffbbd91576e97d8cab7cee3dc74db3c6eb34b17afe17
SHA512

c17eade5d3654f00d7f8784eb3d8e888a132f87bec7226d5f309734d3de93d242913125295a753f013af3d2e02af928fcfe7013056216f504ded10e7fcc3d2e3
SSDEEP

1536:HC9cW7iEMH7scZuNq9KLylol7LVpgKCzheh9f4211W51ELdKB:HxW7iH5ZuNqQy+xLV6KCza9g21XK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f1fafb0ee16f135cad2ac451d577a5d

Files

0f1fafb0ee16f135cad2ac451d577a5d
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: 3KB - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 93KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE