7d66a8777114878d21ad041499a894d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7d66a8777114878d21ad041499a894d6
Size

278KB
MD5

7d66a8777114878d21ad041499a894d6
SHA1

eb396d00078b2345ad5cee34773df0060ede9b6e
SHA256

750c066e5f80117732e0ead0bd2ca3d7220fb006df864b3f198ece4dd249803d
SHA512

528adc85496a92a4b7369275f2dbe3a23b089bbe049f5d5bb1fc8f9b894f83a3fbc60af5dfd0ec4f973a46ce070e7c032494e33f97b2a787b3228b3c9a726d2f
SSDEEP

6144:goB0rOkkJZfGLpf5fQKSQo6Qi3VuqnzSVozdin25M:tSKkkJZ4F5fQ5QRzkqnzfR5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d66a8777114878d21ad041499a894d6

Files

7d66a8777114878d21ad041499a894d6
.dll windows:4 windows x86 arch:x86

604af5cd27fa86801742fdf7dd75fd6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

NtClose

basesrv

BaseSetProcessCreateNotify
BaseSrvNewObDirAcls
BaseSrvNlsLogon
BaseSrvNlsUpdateRegistryCache
ServerDllInitialization

Exports

Exports

BaseSetProcessCreateNotify
BaseSrvNewObDirAcls
BaseSrvNlsLogon
BaseSrvNlsUpdateRegistryCache
ServerDllInitialization

Sections

.text
Size: 275KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ