48ef17c6d397cd1075f34e6958a1a7cc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48ef17c6d397cd1075f34e6958a1a7cc
Size

55KB
MD5

48ef17c6d397cd1075f34e6958a1a7cc
SHA1

7366e358f8c298af4c5b4ca6d09be8b313b38013
SHA256

724fc01b94ad56ae66e5d45b6203a4395f792bbcd4640b3fcd625e1846b85cdd
SHA512

401c504f3ae095105c1bcd6caae4ad2c5c433fb20a771f9b6b4601e719e201d6c8096356821488879b6b56bb4de3934b33d8265694028852fcf0675546af4e33
SSDEEP

1536:Of4EG28zlMGwW5HHQAgPaMXqcLa21S+TcYR2Z/iuqo9EZFUA605y:OO2v6HQ5aM6cLD1HcM2Z/iuqoM7s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48ef17c6d397cd1075f34e6958a1a7cc

Files

48ef17c6d397cd1075f34e6958a1a7cc
.dll regsvr32 windows:4 windows x86 arch:x86

3d34dedea979df86dd7e5867e6e1d85a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord537
ord941
ord800

msvcrt

_adjust_fdiv
_initterm
malloc
free
rand
_mbscmp
realloc
memset
memcpy
_stricmp
_strlwr

kernel32

GetProcessHeap
VirtualProtect
VirtualAlloc
HeapAlloc
GetModuleFileNameA
CreateFileA
GetFileSize
ReadFile
CloseHandle
FreeLibrary
HeapFree
DeleteFileA
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualFree

Exports

Exports

DllGetClassObject
DllRegisterServer

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ