8b1dba13ad4af8d8b3e04b1441c681a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b1dba13ad4af8d8b3e04b1441c681a1
Size

59KB
MD5

8b1dba13ad4af8d8b3e04b1441c681a1
SHA1

de32fac7d964b400e6e8cbdf1319032ea8d5dc9d
SHA256

4a513b9fd4d2722c6748aee03765a013c4a1a0f57ae3be55616c33781933edad
SHA512

8a4eb7f9f55b66f217bbdf61311d2e6ba6078453755417d69e1a47677bed604c65bcd784a5d1ede946f35f6b1037a9e7e92e80e999ce009b2e84767041409bb3
SSDEEP

768:6Kzyk/muT2ZfFfjwcbsuBJtfF6ZVhRob2yENLSkg69McgoIzKCyPo9sB1IhFZu9z:6Iy4HT2X+uLxF6VBEeCyw9scZGg8nz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b1dba13ad4af8d8b3e04b1441c681a1

Files

8b1dba13ad4af8d8b3e04b1441c681a1
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 58KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE