19c2b145198ec9953fe49a8507cb527e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19c2b145198ec9953fe49a8507cb527e
Size

75KB
MD5

19c2b145198ec9953fe49a8507cb527e
SHA1

61f24303755ac78704588e2d2225ac45621f311d
SHA256

53d94b0ab50acc6eb6f311c3835279324be633c652361584c3bfce04afcda6da
SHA512

eda5e3d02c4928cd78f433d0d8ebd2aa7a8980f4811117b4d8b76d0147017e99acab0484dde862a3798e29d8d66fa23ea454b8457bfed7005b8322de65cc9b60
SSDEEP

1536:jSTzT1tXhP58PvpdXUCV60n+YLZNMn6Pf8EvTbTQHZrb3RQLj/SJc5NCYzE:yDtWUcn+SZbf8EU5rdS+Jc5NB4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19c2b145198ec9953fe49a8507cb527e

Files

19c2b145198ec9953fe49a8507cb527e
.dll regsvr32 windows:4 windows x86 arch:x86

e9c658a05a7e883fd738617f47e33237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

wsock32

WSACleanup

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

CODE
Size: 69KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE