b5a050381bbabb6708d7fc56adc48c04 | Triage

Sharing

General

Target

b5a050381bbabb6708d7fc56adc48c04
Size

85KB
MD5

b5a050381bbabb6708d7fc56adc48c04
SHA1

de9beb17f39644d3c5482a522748c2f2c3a1c885
SHA256

da29ed4af145074e0641a5b78a7ffd95e2bdcab8abf5c8a58ba68908e1f09535
SHA512

3d8da354dbad613c84c6daa36b3bfc8ae378e744729a2b7fbdfa120bc51fd1261ba13c4d7d1dc2fc2829c6c7d419f2babcac93354af9e86ec5d01a1fa24d4912
SSDEEP

1536:nL9EH/Uc6+RV4FoTk4ghwwYZoqhRSQrsz4rbaZo5lXoUn/Bn8xg5iWqU5IT3bpfT:LM8c6+RV4Fow4k2hJrszUbt//B8xd9Aa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5a050381bbabb6708d7fc56adc48c04

Files

b5a050381bbabb6708d7fc56adc48c04
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE