af4d0413e0aed723b31a1d828503538f | Triage

Sharing

General

Target

af4d0413e0aed723b31a1d828503538f
Size

462KB
MD5

af4d0413e0aed723b31a1d828503538f
SHA1

db47594b48cbb0f3d9d0e1a43f0689774ae908d2
SHA256

d4ba4fb617059b8d45b6922fa2f23bb0da4f8e1ad8e67a953508ef377aca4fdc
SHA512

416dc01da04b11e0629e734527c634dd98b603531fe1377c8d035dd54134604c58b169f723fbe9ecf642f5dece1f45249a1809385e0aa4da1ded58665dda116b
SSDEEP

6144:7bVPXLakbTqht5o+nKivd8Z4sPYwp4KltOzlZRMCKy6fcWWHDecHAI3C+8hkBg:db4DmavdW4svpLtmRlKMHDuIycg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

af4d0413e0aed723b31a1d828503538f

Files

af4d0413e0aed723b31a1d828503538f
.dll regsvr32 windows:6 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

DllRegisterServer

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 417KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ