5a75b69f29d8b000e58c31e3cfdf4509 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a75b69f29d8b000e58c31e3cfdf4509
Size

13KB
MD5

5a75b69f29d8b000e58c31e3cfdf4509
SHA1

8d2c4f0eb575581d4b1550842a2a5566f41d8bc7
SHA256

45a4e0e3bcda464fa584308d7b052ecdb043a582c835b79b2d49dfa2bac06b68
SHA512

6de455e1cf443c287d7e960254ccafc7e003f2e9cd101a995489ad2eaef8fa2ca4c81c29709d0ed74b78f20fdb3bc3409ff32468ed937f74ae3599e72ee91add
SSDEEP

192:alKC1O9VZBlbpgJjLOMYoNroi6tu2dxt5eF0f9TM2frXN8E2xMFmhRtJb:alKCoVTpCJHMoN56HTkMuQrXNcxUgRv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a75b69f29d8b000e58c31e3cfdf4509

Files

5a75b69f29d8b000e58c31e3cfdf4509
.dll regsvr32 windows:4 windows x86 arch:x86

9c0432e1910a7f6b5d39ec1826872d5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GetProcessHeap
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
Sleep

Exports

Exports

Control
DllRegisterServer
FreeBuffer
Release
Start
StartW

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ