3b3fe04c1b977de1b1ee2fb501d51f49 | Triage

Sharing

General

Target

3b3fe04c1b977de1b1ee2fb501d51f49
Size

158KB
MD5

3b3fe04c1b977de1b1ee2fb501d51f49
SHA1

ddb9e118aaa77f71295f29864480fd0ff730c8d2
SHA256

93c1ddf3dd6814121d07c7606187b373d94148de44f2490404a3e6e47b5a56a0
SHA512

a5abe3df2d41b6a2680ff517b2c8128652f25efabb9d3b8ba688ea2ec41451d5de075119eed3b6636e6e0f0205b07817cf035865005fad1508a865466ab7775d
SSDEEP

1536:Yb5B0Y8rW7grpitsVMoncFuaHceNES9eVWZP9jeElpis7hEOCb7Z+pi:modrSYTVPcFPHceNuWP9LlppM7ZW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b3fe04c1b977de1b1ee2fb501d51f49

Files

3b3fe04c1b977de1b1ee2fb501d51f49
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE