134807b029f791e17f3ec4ba48f5ec46 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

134807b029f791e17f3ec4ba48f5ec46
Size

235KB
MD5

134807b029f791e17f3ec4ba48f5ec46
SHA1

5a97f4f861be6973ce82128ffa3a5f3f49f21515
SHA256

84a7d2b833188c9c1894a98bd740ad970d616d5df24b49d06cf7358753bd6d6f
SHA512

e339b5a8903f6c073ad6b70b3e68f08e776cb3a74ccd20afd4bd65739eb0773cf363e261a76821f9193e027759420bdc3b4e4a1b8b2a87ab794e033d34067afd
SSDEEP

1536:lSq6Q7zb+nKRF1iHCj/L9qQj8/lToRyj8M72cUr3333aYeO06RG3yERHq:Ckz1ZT8qRyj80XYnbcDw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
134807b029f791e17f3ec4ba48f5ec46

Files

134807b029f791e17f3ec4ba48f5ec46
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JmpHookOff
JmpHookOn

Sections

CODE
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ