5291a7355b288393f306c5856417eb2e | Triage

Sharing

General

Target

5291a7355b288393f306c5856417eb2e
Size

167KB
MD5

5291a7355b288393f306c5856417eb2e
SHA1

224cda8fdd83cddf71e5b02ec090adf925d61ff9
SHA256

ea55845158ba7f5f7253a1bc5e22a06f566d43ea4366b9101e3826f2d25d99b1
SHA512

b25864b984c866796f1e07421986ce6e5abd15418acc395f9b3a689c4bfd2978c454b104ec333e4a9f9951a309097fb0c4e58bd1c1162b1db5a951388431b313
SSDEEP

1536:+qsUYrXpK93hKdcCwXAlJDWuDLylol7LVpgKCzOxfDq7gKUw:O1r+3hKOXAlNly+xLV6KCzOxwN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5291a7355b288393f306c5856417eb2e

Files

5291a7355b288393f306c5856417eb2e
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

4qbrhbt
Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

neyibh
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7i7c5dgt
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE