DllRegisterServer
Static task
static1
Behavioral task
behavioral1
Sample
af4d0413e0aed723b31a1d828503538f.dll
Resource
win7-20240221-en
General
-
Target
af4d0413e0aed723b31a1d828503538f
-
Size
462KB
-
MD5
af4d0413e0aed723b31a1d828503538f
-
SHA1
db47594b48cbb0f3d9d0e1a43f0689774ae908d2
-
SHA256
d4ba4fb617059b8d45b6922fa2f23bb0da4f8e1ad8e67a953508ef377aca4fdc
-
SHA512
416dc01da04b11e0629e734527c634dd98b603531fe1377c8d035dd54134604c58b169f723fbe9ecf642f5dece1f45249a1809385e0aa4da1ded58665dda116b
-
SSDEEP
6144:7bVPXLakbTqht5o+nKivd8Z4sPYwp4KltOzlZRMCKy6fcWWHDecHAI3C+8hkBg:db4DmavdW4svpLtmRlKMHDuIycg
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource af4d0413e0aed723b31a1d828503538f
Files
-
af4d0413e0aed723b31a1d828503538f.dll regsvr32 windows:6 windows x86 arch:x86
87bed5a7cba00c7e1f4015f1bdae2183
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
LoadLibraryA
GetProcAddress
Exports
Exports
Sections
.text Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 520B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 417KB - Virtual size: 417KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 468B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ