52c9ad130913641d4feafda8c1413f7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52c9ad130913641d4feafda8c1413f7b
Size

80KB
MD5

52c9ad130913641d4feafda8c1413f7b
SHA1

979181e40ffcaf6e13434b3ffb851eedf5057fd2
SHA256

534be3de017bdd6a6ab5de4530b5d933c29e4f94e70dbc124e9eea350465bef4
SHA512

9c57f3e1fce0446ae361235fb8bdd4119c183fa012e916df157a140c2808be4bb5b00e52cdd87858c37aa48664922cfdcf263b17eb15f7b30455e703bc3aa6e3
SSDEEP

1536:cv/fAK+vfm3XdPc2N6sxCOgbnRn8LquLf0oeuFaTAXuxN0JQBHNWspZqgwPcx1pU:4wm3dc2N6sUOgbnBNuTeO+0SNWsEW1pU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52c9ad130913641d4feafda8c1413f7b

Files

52c9ad130913641d4feafda8c1413f7b
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JpHookOff
JpHookOn

Sections

kir5g
Size: - Virtual size: 172KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

n8a
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

s7m2
Size: 114B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE