b5bde16199183a6f4fb7e2567dce8fd5 | Triage

Sharing

General

Target

b5bde16199183a6f4fb7e2567dce8fd5
Size

140KB
MD5

b5bde16199183a6f4fb7e2567dce8fd5
SHA1

bd87f79c386276ad7164f73404896343d0ea7611
SHA256

3e105406c9c09e34bfcc7d3307c1d44ec08408c2e8047140d937c60159433e2d
SHA512

fc8c13f183250f9ff544d612ad0fa5fb92f46856df28f40c068ab7ec16df1f4c6d0cba6859cdc4a0840d0784b00dbcd7e7c578b6b6ed886f72de58493d19b127
SSDEEP

3072:uDAShnlm0K+7U+mRPFidkahEysJ2p1Y+:OjnE0cdFAJ1sJa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5bde16199183a6f4fb7e2567dce8fd5

Files

b5bde16199183a6f4fb7e2567dce8fd5
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

99
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

a
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vqf
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE