2cdb4816c660185b61503ea28f3ec6be | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cdb4816c660185b61503ea28f3ec6be
Size

88KB
MD5

2cdb4816c660185b61503ea28f3ec6be
SHA1

b348622beed90616600027c8d61b536869c08a50
SHA256

9ebea680ddd4b8b605e69e6239ab02162d4b82de164177596355bd7982d207e0
SHA512

5a383048c61624bd71ced780da504bb2e907a2f09f88e2bc44b29490f40fb726482948ac31a076d91c99d07f7ea7cdaec6f21407a782db7b74c16af30deba6d5
SSDEEP

1536:poqPQEikqNUGCe4H6z7R/JZJDjzwVpXx1XWX9Ryk:dV+NUGj3ljNjzwfXxAXbyk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cdb4816c660185b61503ea28f3ec6be

Files

2cdb4816c660185b61503ea28f3ec6be
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JHookOff
JHookOn

Sections

CODE
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ