14155bb02cc7a801d3a768f99af9bc80 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14155bb02cc7a801d3a768f99af9bc80
Size

68KB
MD5

14155bb02cc7a801d3a768f99af9bc80
SHA1

fc7141b8155f84e0899614aa31a3758a60fe57f6
SHA256

6b929765ad70c3bf55b99760585d287452ecca59df8abe218d6ea50dc61fa70b
SHA512

36918b40665c89bb45856e84380bf271615d3122466da82f3b0616074df5cc3d79a61e77562ca4bf7a8818c304c05f4cfbef8a1b8ace2e8243a6e143fa985769
SSDEEP

1536:5xhB7maE5TnnGEwGFL0VyJUE6XGlzZ/avSfbcP6c:jhBy75TGEwGlV9NlzovWbcP6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14155bb02cc7a801d3a768f99af9bc80

Files

14155bb02cc7a801d3a768f99af9bc80
.dll regsvr32 windows:4 windows x86 arch:x86

1017e1c59443c3dbcbacc3038fa4efea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

shlwapi

SHDeleteValueA

ws2_32

gethostname

wininet

HttpSendRequestA

user32

MessageBoxA

gdi32

CreateCompatibleDC

advapi32

RegQueryValueExA

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

SafeArrayCreate

gdiplus

GdipGetImageEncodersSize

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 61KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE