56462805576e0b68b0a64e89f98c57cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56462805576e0b68b0a64e89f98c57cb
Size

325KB
MD5

56462805576e0b68b0a64e89f98c57cb
SHA1

b9319a0bd0ba5521c2d97a519f3ea1fbe858a989
SHA256

f655dd3accf6c363d7807557034aac10b82e9dca606ec37454f10115b28e2569
SHA512

4bf6d7a548355828b4f57faa2527bc382365a330800c7bd2c8b8afd8255a53cf721d9f13b783a0c2afb6272b5df6ee9ed9874119eccc9792b88d0c2b07a3fba7
SSDEEP

6144:yYFxGa6+jTluQDJVoHIZ0z7PW0uet1hjdweUt7DTxzP6:yUj93VGHcey4DdY1z6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56462805576e0b68b0a64e89f98c57cb

Files

56462805576e0b68b0a64e89f98c57cb
.dll regsvr32 windows:6 windows x64 arch:x64

b211bec2627ea9b5322d60ef3ed97e1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadPriority
TlsGetValue
WaitForSingleObject
GetCurrentThread
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
GetSystemTime

Exports

Exports

DllRegisterServer
DllUnregisterServer
StartW
StopW

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ