22b5e032fe580f4e2a9b60901b50a71a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22b5e032fe580f4e2a9b60901b50a71a
Size

299KB
MD5

22b5e032fe580f4e2a9b60901b50a71a
SHA1

81dec8703a7fa0bb893ba71a47eece13ab18ca7c
SHA256

6e9dc528a78281330852cea1b921d9b2d2776573215e6df143021edb8e3e1dfa
SHA512

c78dc7bdfba8f57cf8d64977b05e46ef4ef81d7f99a80d1921f4d32176404dee667d26a898eb0650be2c8d965720b3ea3c4eae39c5e67bd8b01a528b32f1d2a1
SSDEEP

6144:YXNUYVFwAfGuLmRfuAr7pIqcmqBpRimSTB5wr+/Lg0X:YXNP/ZLUfuA/pVqBpAmSl5GOLgG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22b5e032fe580f4e2a9b60901b50a71a

Files

22b5e032fe580f4e2a9b60901b50a71a
.dll regsvr32 windows:6 windows x64 arch:x64

35890417b8426ce9add593489cc763e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadPriority
TlsGetValue
WaitForSingleObject
GetCurrentThread
VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryA
GetSystemTime

Exports

Exports

DllRegisterServer
DllUnregisterServer
PauseW
ResumeW
StartW

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ