7b42d72aff37d1a8c4893dae19372c04 | Triage

Sharing

General

Target

7b42d72aff37d1a8c4893dae19372c04
Size

238KB
MD5

7b42d72aff37d1a8c4893dae19372c04
SHA1

54ff35c5178bd024b2a14c91c805842af705a1a7
SHA256

9decd70b4a35f670ce445f2612c91274cc4fb645cc450d7e0045a9bff3f72d72
SHA512

f51d82b73118f7217e06d1d213196d449731cf824adc49efb2d4f46511ea29041af01e9b3c5f6982fe76df81487b1c9665c5b005c6237debbfe12228a3ff1904
SSDEEP

3072:+7hDb67hDb67hDb67hDb67hDb67hDb67hDb:+7Ve7Ve7Ve7Ve7Ve7Ve7V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b42d72aff37d1a8c4893dae19372c04

Files

7b42d72aff37d1a8c4893dae19372c04
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
gfdhtr

Sections

CODE
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ