45bbbbc439201c4c08e0a4c3432ae522 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45bbbbc439201c4c08e0a4c3432ae522
Size

5KB
MD5

45bbbbc439201c4c08e0a4c3432ae522
SHA1

d356bb773b0fd8886018cbc5b81c508ea16feacc
SHA256

e8d12fc8c2d1eff043eedac3477baf1a45e68ec37b7d691cbfbf00aa3e339508
SHA512

866e896670e397cb2f6ca6c2fbdf3ff717e40cb84c35fa35dc7fd982d29aa77d15ec59ce2475c8cb4081ebb36fb76da6f70b3a73752938e6205c883d07d0ef2b
SSDEEP

96:gGKvnMoBDvCCslvtdhEArE/1pQxkpulLFjiyDXijoqRH/AQsJq:gGKvnXBmCslNxrE/1pQxk+ZjiyDXiUw0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45bbbbc439201c4c08e0a4c3432ae522

Files

45bbbbc439201c4c08e0a4c3432ae522
.dll regsvr32 windows:4 windows x86 arch:x86

1f26eabaff531a1b45981ced728199a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetTickCount
GetSystemDirectoryA
FindFirstFileA
GetLastError
lstrcmpiA
GetModuleHandleA
FindClose
MoveFileA
GetModuleFileNameA
FindNextFileA
DeleteFileA
VirtualProtect
VirtualQuery
IsBadReadPtr
CopyFileA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA

user32

GetSystemMetrics
MessageBoxA
GetForegroundWindow

shlwapi

PathAddBackslashA
PathAppendA
PathStripPathA
PathRemoveFileSpecA

shell32

ShellExecuteA

ntdll

_vsnprintf
_strcmpi
_stricmp
memset

Exports

Exports

DllRegisterServer
DllUnregisterServer
onLogon

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 768B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ