3e50b965af95531c9870d30c5d5ad305 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e50b965af95531c9870d30c5d5ad305
Size

264KB
MD5

3e50b965af95531c9870d30c5d5ad305
SHA1

0cbbe1246b50d3538da400ac3f04ff00e7f80ead
SHA256

b91dd0795df7f92b4488ef5b806a7bac7b0f233f941993c8cee95963203bde8b
SHA512

5d80dae3bd50f2617a23af8a6ca159431f9f552b3c747cc39a0888968056cc4531aa9492ad84126161c883bfe5ec2fed4a583275845cc2330949ea65a2a6e3bd
SSDEEP

6144:+ycf5ZK+fnvlfUYE1JBsHihCZyw6E+bKj9K/0:+PfbK+rEGHGZw6b0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e50b965af95531c9870d30c5d5ad305

Files

3e50b965af95531c9870d30c5d5ad305
.dll regsvr32 windows:4 windows x86 arch:x86

462279bad69b1a7e4baf4a00a47fae17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

version

VerQueryValueA

ole32

IsEqualGUID

comctl32

_TrackMouseEvent

netapi32

Netbios

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 256KB - Virtual size: 780KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE