19dbb0288e003e61e62f4b223d4da667 | Triage

Sharing

General

Target

19dbb0288e003e61e62f4b223d4da667
Size

44KB
MD5

19dbb0288e003e61e62f4b223d4da667
SHA1

566dd9783fa40fea6dac834f61766f09b82102d3
SHA256

2faf85e37e958e7a9311f7d829085c16addef7d24a0c1f7593a237803818b6bb
SHA512

76a03954b58a91da4917135b66a93b7a88d8ad08e4b8657cbfdd88134e66e9d09d583afd99f59bb3dfb220630840b80985fa08582c2c21e3bc5300d5a6eb3496
SSDEEP

768:vmTro4PNuVEj68tWpkavXXagQZl55CTTfFj8gLa1kwV:OTr7Uq1oXagQZl4fx9LapV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19dbb0288e003e61e62f4b223d4da667

Files

19dbb0288e003e61e62f4b223d4da667
.dll regsvr32 windows:4 windows x86 arch:x86

a6039ea9bda01d35bc386191699cc581

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateMutexA
InterlockedIncrement
GetLocalTime
GetLastError
GetWindowsDirectoryA
GetSystemDirectoryA
CreateProcessA
VirtualAlloc
GetProcAddress
GetModuleFileNameA
CloseHandle
LoadLibraryA
CreateThread
WinExec

user32

RegisterClassExA
CallNextHookEx
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
UnhookWindowsHookEx
FindWindowExA
PostMessageA
DefWindowProcA
SetWindowsHookExA
CreateWindowExA

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

msvcrt

free
_except_handler3
strchr
fopen
fwrite
_stricmp
fclose
strrchr
__CxxFrameHandler
_initterm
malloc
_adjust_fdiv
??2@YAPAXI@Z
??3@YAXPAX@Z
sprintf

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ