25ab87a3cae150780b8bf356540fa652 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25ab87a3cae150780b8bf356540fa652
Size

422KB
MD5

25ab87a3cae150780b8bf356540fa652
SHA1

d371b0a3297013a0a207828e0cd21ecf837e806a
SHA256

c96ee44c63d568c3af611c4ee84916d2016096a6079e57f1da84d2fdd7e6a8a3
SHA512

70eb4e7232718470dd085aca1ee51d386f38fd59cfb7980b8afe3b646340b813656601555052478c16b00ddd0868bfefe9e95b80bd3b9604c32a37c2403f430c
SSDEEP

6144:pi4msma5Nnj+ev8pVirLmCb9IGpIoIg3qdsfKqaH/7fbc1yGX1bLTx6:qveNnKevo2CqOrMq8efg11k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25ab87a3cae150780b8bf356540fa652

Files

25ab87a3cae150780b8bf356540fa652
.dll regsvr32 windows:6 windows x64 arch:x64

022d879d712a6db89f1be44b8da78c3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadPriority
TlsGetValue
WaitForSingleObject
WaitForMultipleObjects
CreateThread
CreateFileA
LoadLibraryA
GetProcAddress
GetSystemTime

Exports

Exports

AvpkrxbpjlwwXztmgvida
DllRegisterServer
DllUnregisterServer
FpjtsCnthqzrguRxeqj
PauseW
ResumeW
StartW
YallcxhxzlJkdbnvintvouliz

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdata
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE