8b8295f551f644661839dc479c296d91 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b8295f551f644661839dc479c296d91
Size

83KB
MD5

8b8295f551f644661839dc479c296d91
SHA1

56f6bb93b8f6e1655dc7152286c78bacc7b78c07
SHA256

cf7090a8f946c0cb29e405c0f87a9e2e5eeb7b06ed83236788cc79083737c7da
SHA512

a6bb214a9f416a87e49d7c7396991b2a27f12b9c2993af2810bb0fcace74ac78e1d67b0f67e767f37b4d531b2cfe3eb85f032cc2dfbf724d2b7672d653eed999
SSDEEP

1536:gkP3dn2FbZ7AqmTHpdKMypPcgb52gdp5rSjfb61YnyQN0DC/tU3VTIPSBh9hS2BB:gWcFbZ7kTJup0gVDdn+aiym0utWvhTsY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b8295f551f644661839dc479c296d91

Files

8b8295f551f644661839dc479c296d91
.dll regsvr32 windows:4 windows x86 arch:x86

5ca606729b178ebabcd18310b88a75a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_CxxThrowException
_EH_prolog
__CxxFrameHandler
malloc
free
realloc
memset
memcpy
_stricmp

kernel32

GetModuleFileNameA
CreateFileA
GetFileSize
ReadFile
CloseHandle
FreeLibrary
HeapFree
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualFree
VirtualProtect
HeapAlloc
GetProcessHeap
VirtualAlloc
GetWindowsDirectoryA
GetSystemDirectoryA
GetComputerNameA

advapi32

GetUserNameA

Exports

Exports

DllGetClassObject
DllRegisterServer

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ