4ed061d5957e76ef640dc320b8815fdd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ed061d5957e76ef640dc320b8815fdd
Size

48KB
MD5

4ed061d5957e76ef640dc320b8815fdd
SHA1

520fd587156ccc5a38740a12d3ceae4b83149735
SHA256

9740216f97f1087ac4bc7577e956a0813ed308e5e740182d7a787155e0a15678
SHA512

4752effd27bae4cd5331ec7ed8c7c5de31a322138f266558829b0230d807a4e69cdd7cf4615841db2fc2b60e1ca1de2d6cc94fa77c439996e5ac98aa22622609
SSDEEP

768:Rf2sGPV0oZ3TqGnU0+fiM/FZiTxwDwpyS88gzX6PuZSOaXna0f:lw0oZuGef2wDwph1PsSrXa0f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ed061d5957e76ef640dc320b8815fdd

Files

4ed061d5957e76ef640dc320b8815fdd
.dll regsvr32 windows:4 windows x86 arch:x86

4e04ad7ed3dc41820f7552026f59ee54

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExA
GetProcAddress
LeaveCriticalSection

urlmon

URLDownloadToCacheFileA

rpcrt4

RpcStringFreeA

advapi32

RegSetValueExA

shlwapi

StrRChrA

user32

SendMessageA

oleaut32

SysFreeString

msvcp71

?_Nomemory@std@@YAXXZ

msvcr71

??0bad_cast@@QAE@ABV0@@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE