b677dd38fb53c4c7fb5f86c62c6c1c36 | Triage

Sharing

General

Target

b677dd38fb53c4c7fb5f86c62c6c1c36
Size

619KB
MD5

b677dd38fb53c4c7fb5f86c62c6c1c36
SHA1

58579014e414c2317aff864003197cc011295543
SHA256

4c0d6b243c1ce31a8994eaa988795475d660c1c8a8b93ca4d5c7636be809f47c
SHA512

cec8a37e01606e9f68ef28a3add4177e01856f78e9200a13e0b69a61c0ca0fafaddab1819641c696ca13b034c04c0b79a65c9aaececc21bca1f5e7d2288eb5f4
SSDEEP

6144:uP1vcksbe7cp8t7tkbVr8AFq8BgoWwK8ExPSpANCR6EDAAcUtRndNu7oiyRqengY:uHLoWwkxapzR6YBtlju7oiyRZKV1yX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b677dd38fb53c4c7fb5f86c62c6c1c36

Files

b677dd38fb53c4c7fb5f86c62c6c1c36
.dll regsvr32 windows:6 windows x64 arch:x64

35890417b8426ce9add593489cc763e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadPriority
TlsGetValue
WaitForSingleObject
GetCurrentThread
VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryA
GetSystemTime

Exports

Exports

DllRegisterServer
DllUnregisterServer
PauseW
ResumeW
StartW

Sections

.text
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ