4a35135605501f053864454da90885fb | Triage

Sharing

General

Target

4a35135605501f053864454da90885fb
Size

38KB
MD5

4a35135605501f053864454da90885fb
SHA1

d2855405e605a2a737b757a1c4346166fcfe4068
SHA256

529a0d19c4c4c1dff36213fc3ff30726d19fdbb4dbf84667e8c4dabdeea8d353
SHA512

c3a1fa3ac5c84755ee9068336171b6c9f3bdbb765b22b249b34a5a05ada1ae92a2045422d7aafdc4abccb8c74901f106ab222e5eaf41543534e54ec07987c066
SSDEEP

768:MycqmQCOwlyrHlmUaUGR7fsnyL3IJcqtGach7BiO:LcqmQ42gFUGdfj31q8d7B/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a35135605501f053864454da90885fb

Files

4a35135605501f053864454da90885fb
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JHookOff
JHookOn

Sections

CODE
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ