41edf7e65de351bde85492355859be7c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41edf7e65de351bde85492355859be7c
Size

138KB
MD5

41edf7e65de351bde85492355859be7c
SHA1

e1ddcd5464c1d33b69d6b51a8f58d6b68fdb4f25
SHA256

4ce9f4e205e78165c8ae06440322dca6f7e4639ad3ed998b4b659aed2b7a15a7
SHA512

db5de15452790a4d753e24b106b6fa8e67e3ea7ff89e7966d4c4cf7fe63d60401d86b1127a83d5b6f2b4622ce743170ee0a34f96665a8bdf9a8a40015ccdea70
SSDEEP

3072:tNLetoU06SvkgSP3Fv7ODzID7J2EJh4rpFu3ihyhJ:XCWUmm1v7ODkx4rpFKi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41edf7e65de351bde85492355859be7c

Files

41edf7e65de351bde85492355859be7c
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

CODE
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 207B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ