554df7b0a99da284163566c5d75af06b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

554df7b0a99da284163566c5d75af06b
Size

40KB
MD5

554df7b0a99da284163566c5d75af06b
SHA1

c96510ee8f275dfd6148787b60cb21d3a739fbf6
SHA256

a2ddfb57df5fd9a69f57ccca79c63542a39eae21e96eab06cf0cef75f77a2b62
SHA512

494a197891490cb942a6c6286f65eba054a775a47ec888d7f255f28ee9f4641b5d70011cc2e7b0a8b54d554079ad3e9afa0b91247d6aff4e9fb23de25c00d9be
SSDEEP

768:+ix5/1wnA5SccgVeUGPXWY0eRlP4G3CyZGRsTSdbjLg:VxbwnmpVezPXWGlP1b6aSdbng

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
554df7b0a99da284163566c5d75af06b

Files

554df7b0a99da284163566c5d75af06b
.dll regsvr32 windows:4 windows x86 arch:x86

72c6e7ec42073d3213eb0199660b463c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

send
recv
socket
connect
ioctlsocket
htons
closesocket
WSAStartup

kernel32

LocalFree
LoadLibraryA
GetProcAddress
GetLastError
GetSystemInfo
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleA
InterlockedDecrement
GetCurrentProcess
lstrcpynA
CreateFileA
FlushInstructionCache
Sleep
CreateThread

user32

CallNextHookEx
wsprintfA

msvcrt

_strupr
_strdup
_adjust_fdiv
_CxxThrowException
??1type_info@@UAE@XZ
_initterm
_stricmp
_onexit
__dllonexit
strchr
free
isalpha
??3@YAXPAX@Z
__CxxFrameHandler
sprintf
??2@YAPAXI@Z
wcslen
malloc
realloc
isdigit

ole32

CoCreateInstance
OleRun

oleaut32

SysAllocString
GetErrorInfo
VariantClear
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ