b464143eaf51e1b05f00f21ca7e8f3b3 | Triage

Sharing

General

Target

b464143eaf51e1b05f00f21ca7e8f3b3
Size

246KB
MD5

b464143eaf51e1b05f00f21ca7e8f3b3
SHA1

398b232f42ce0b2cef5cb4e782e88105914e0f59
SHA256

9e7b0ae6c64633ccbef13311bc6f4345aae54edca3b19b82d47c5271c998d52f
SHA512

dcb6ebc7432188168d4d74ef138b51495a364d9a3d67f23f0ca3255c28997466d5c41a785a6ee4935511c75abd945ca6d7ffb8f4e33ca75b0384ee6cc37e7474
SSDEEP

6144:x2Tnyce09BrrRN7NwX79mYT+bh5kvSdx1LEq5h36/b+INwz:ITBZf9N7NwZm04rkvSLtD5hC+IGz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

b464143eaf51e1b05f00f21ca7e8f3b3

Files

b464143eaf51e1b05f00f21ca7e8f3b3
.dll regsvr32 windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

ByovduPacubsirIikotqd
DllRegisterServer
DllUnregisterServer
ResumeServer
StartServer
StartW
StopServer
SuspendServer
UwnzadqPzicfndnoxh

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 649B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdata
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE