4b2e8afa8a7f83f0bcb77c7e7c34d1bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b2e8afa8a7f83f0bcb77c7e7c34d1bd
Size

128KB
MD5

4b2e8afa8a7f83f0bcb77c7e7c34d1bd
SHA1

67fc2ea98f5a403ab8b9f658a545449dbbef7284
SHA256

85a0fef583dd4806efcf11bd4b0b507b869c45a89c7b21e551a020e3afb39005
SHA512

edd7c5b75c29c202a7b36ac0d5a53faf8b1829aabae8ae1d10d7f7b9029f10c9d58d7582bba7f09b390265a638404e065deaab3a750e3daa34db6d3dae327c32
SSDEEP

3072:/K6E/BZsav1jHd1BpmZpfxpWrD5I+4MbP2ciAaGdvoQ2rp:ip/Xsav1jHd1BpmZpfxpWrD5I+4MbP2f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b2e8afa8a7f83f0bcb77c7e7c34d1bd

Files

4b2e8afa8a7f83f0bcb77c7e7c34d1bd
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
LoadHookOff
LoadHookOn

Sections

.Upack
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE