8b408dcc767741890a4241560e51a1b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b408dcc767741890a4241560e51a1b0
Size

12KB
MD5

8b408dcc767741890a4241560e51a1b0
SHA1

873e2bc500cdf3aca4dcf8b609df53df49578777
SHA256

1e40efb479b4cb3f517fafdf64e1dcd850cccbe7da27a6cf0d1bdf736ab8104f
SHA512

13f8c499ad942bacc3cde2d2c76626e5031ac8bee781b43fac1142568ddd696808d7ec6b1b701d716a40736a411fb2a5bce491d1d43350ae45fe98e590d04ac9
SSDEEP

192:iQz/pHWKVJCFSvmIQi0ofHT08S+Kn3XyGiMoqFsonu/R6+c:iQzXkmm9iKHyPSORo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b408dcc767741890a4241560e51a1b0

Files

8b408dcc767741890a4241560e51a1b0
.dll regsvr32 windows:4 windows x86 arch:x86

a6504f093df40745a26af8720244b742

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDirectoryW
GetVersionExA
lstrlenW
lstrcpyW
lstrcatW
lstrlenA
MultiByteToWideChar
lstrcpyA
lstrcatA
GetModuleFileNameA
CloseHandle
FreeLibrary
HeapAlloc
HeapFree
ReadFile
RtlUnwind
lstrcmpA
CompareStringW
PulseEvent
GetProcessHeap

user32

wsprintfW
CharLowerA
EndPaint

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

oleaut32

SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ