2622eace4a5454b6a68a74a2ef5f8872 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2622eace4a5454b6a68a74a2ef5f8872
Size

78KB
MD5

2622eace4a5454b6a68a74a2ef5f8872
SHA1

7cb855f96c8894a7d4daedbc786a03421cf0cbf7
SHA256

f0149685ead05be82b77d522d752cb644363306556e60ac8b8f3ca5ec8a0d075
SHA512

5903479c28815bbf6f638dd0f2c4cf35554431fe0465fcf88fdc9925437c6ca799fee8ce2207118225e8c454315f1ff7c959db2a1933b582026f57b211e6b66a
SSDEEP

1536:xmfpe3/Yt9KbAHfFH1yx+UIlmq0oA635Ubsonk8b:xmBe3/Yt0bM9H1y4mB6JUor8b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2622eace4a5454b6a68a74a2ef5f8872

Files

2622eace4a5454b6a68a74a2ef5f8872
.exe regsvr32 windows:5 windows x86 arch:x86

cb3155778c901bf0bd71c238ab202ead

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
ExitProcess
lstrcmpiA
VirtualProtect
IsBadReadPtr
GetProcAddress
LoadLibraryA
VirtualAlloc
CreateThread

user32

LoadIconA
SendMessageA
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
DefWindowProcA
LoadCursorA
RegisterClassExA
KillTimer
SetTimer

Exports

Exports

DllRegisterServer
DllUnregisterServer
start

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ