485bdf261d8a2750c2915e1c2d0e6d3e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

485bdf261d8a2750c2915e1c2d0e6d3e
Size

120KB
MD5

485bdf261d8a2750c2915e1c2d0e6d3e
SHA1

a3f7c28f3b90fd241ef43d99442b2299236a4b41
SHA256

c641173d84806cbff906648f52619010aea0d2aaff509c5c356e417d34139148
SHA512

6868049f9878e99bd64565b178e2c5bd152b1777da15844ecd2a7751c55963d4ae89d031a844134076d85598eef6b77d9414db2c8e5593f3851c90236de1d19b
SSDEEP

1536:ZhzGqSQGQ1ADAfRAFMFnc5ZpL/sxUo0qvvW4D3IR:vQfQ19Rtmpb8U/+vW4D3C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
485bdf261d8a2750c2915e1c2d0e6d3e

Files

485bdf261d8a2750c2915e1c2d0e6d3e
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE