b59e3b6fa6f5c6416210932fac3c8fcf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b59e3b6fa6f5c6416210932fac3c8fcf
Size

87KB
MD5

b59e3b6fa6f5c6416210932fac3c8fcf
SHA1

ea8ac240a904a9a9fa26768da2436c85d0b90696
SHA256

28d7a0411185bbf8b04c7b6baa40a0ee352ffb3a5a1d763e80022199ff8bcc9b
SHA512

ef1b67e53cb9e2e9403dfec4076b02d98a2702977ef29bf4bce20bf1692d7f1c8856ffda167d6e7858aa946da92dcf04eee2f1335b1c52012611e44e67b8e9a1
SSDEEP

1536:0JT2utruMZ1Mj79i2AJBTRmI4drWUlwTD7WCUHPICERjFaYIaAxLV6Uj79v:8T2uMMZuj79i2Uh4dyU6H7ZXjRxanxL5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b59e3b6fa6f5c6416210932fac3c8fcf

Files

b59e3b6fa6f5c6416210932fac3c8fcf
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE