bb4d6c53326c11904f8c92229a1c2229 | Triage

Sharing

General

Target

bb4d6c53326c11904f8c92229a1c2229
Size

167KB
MD5

bb4d6c53326c11904f8c92229a1c2229
SHA1

c0dda78080877b22814d9958c94179eacfbd980c
SHA256

8d1e8b8a8e3a9fa9791c40517b28898cbf6172434467beb369ea3ae47876e160
SHA512

f2cc82797b1c8e321ad1bf2219e1a2b4b1270e6db7702923e9f42ca1c764d0a883f8e3804c332e30d330b446cf452b9a6849b0e100f421fe16896fd696ef8e38
SSDEEP

3072:Y8mMQhHbZWg+jOUhJetoD/11H5zu/Il+U78AGF8qbi7HCq/78ZLsvMu:0MQqg+jOPQ11HI/nOVqmrzYc5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb4d6c53326c11904f8c92229a1c2229

Files

bb4d6c53326c11904f8c92229a1c2229
.exe regsvr32 windows:4 windows x86 arch:x86

7daa3b468406a202816f9f23726863fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32FirstW
_lread
ReadConsoleOutputW
SetConsoleCtrlHandler
SetHandleInformation
SetProcessWorkingSetSize
SetEnvironmentVariableA
ReadConsoleOutputAttribute
ResumeThread
CloseHandle

ole32

CLIPFORMAT_UserUnmarshal
CoImpersonateClient

gdi32

GetStockObject
EnumObjects
GdiAlphaBlend
GetTextColor
RestoreDC
GetTextCharacterExtra

msvcrt

memmove
vfwprintf
_utime
_unloaddll
_cprintf
_getpid
_safe_fprem

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ