4b831f1419283204ce13cbadf5230c46 | Triage

Sharing

General

Target

4b831f1419283204ce13cbadf5230c46
Size

465KB
MD5

4b831f1419283204ce13cbadf5230c46
SHA1

354d67dac09696a95b904853d1f0b5c71723dda1
SHA256

c015e457b725ba995337a7965a931a2455f3b9ac5a195495aee3b9eb164323c3
SHA512

f6043bcd579fb4adc2c62dc01e0ac7fc79b564a90390d86fa81138f766aa22ab1b3446e3bc47f7ae942d6260a9663c5d34378d94d38f1d31a6ff4b58b060dbbb
SSDEEP

6144:MH9wwMZWjYVYbxiLlxrifcqhLxSOldE8zUH5h+pR5296Sm3iG0hjwR45Mw/Yogcz:okFdK2aUpSFCp0LcjzCemnkHX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b831f1419283204ce13cbadf5230c46

Files

4b831f1419283204ce13cbadf5230c46
.dll regsvr32 windows:6 windows x64 arch:x64

35890417b8426ce9add593489cc763e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadPriority
TlsGetValue
WaitForSingleObject
GetCurrentThread
VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryA
GetSystemTime

Exports

Exports

DllRegisterServer
DllUnregisterServer
PauseW
ResumeW
StartW

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ