76f0ff6a013170d0f4adb05580da5e44 | Triage

Sharing

General

Target

76f0ff6a013170d0f4adb05580da5e44
Size

164KB
MD5

76f0ff6a013170d0f4adb05580da5e44
SHA1

88cd1f65611d3d6db53c2e1c54e291cf4d54eb96
SHA256

1e8a77180693c6979f4dbc0ddefa0c7eddc89474d33a325d6567c0b04242e184
SHA512

bab1984fd87e241314a16dc9951670eb8b63a66b3d4acdf69ee1703cd427a1cba337822866baef9c345b258066f79387048b14f271a699dec3f0459a7ffa0305
SSDEEP

3072:cTltpXTmRUD82PbjCb5lcUpLhUf05x97bsqWpaM0fB8U6xcBwVSuU1E7YbqnOuO4:CuC7jj05CUpLhUsj97hM28xmwUuUKkbM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

76f0ff6a013170d0f4adb05580da5e44

Files

76f0ff6a013170d0f4adb05580da5e44
.dll regsvr32 windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

DllRegisterServer
DllUnregisterServer
PauseW
ResumeServer
ResumeW
StartServer
StartW
StopServer
StopW
SuspendServer

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ