bba04a6d29fc2b017dcf337d0a67b7f2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bba04a6d29fc2b017dcf337d0a67b7f2
Size

86KB
MD5

bba04a6d29fc2b017dcf337d0a67b7f2
SHA1

c6ef51e768cab52eb2ede4212e78d68380997d25
SHA256

bfb6e9ad358346ce8d1f97f425d718ff058d5b775ce7d30e6f6e8eba4d59715a
SHA512

a483e07436dd34493b4e0a3cbc000177c5b0dd789f087e7b860823cab1e66e95ef07c1ca03ddd4858c0ce2a1be8ec11164ec82bdb0819c15832b2ff781589400
SSDEEP

1536:Fb3sJdSbOjNp+gI89RqboEgyGrgHvPSPMZ7E5WVIp0wfds4m0xM9jfl0F+5oE0:Z38dSbwPJI8/VzydHnYMdIjpFfdI0PF9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bba04a6d29fc2b017dcf337d0a67b7f2

Files

bba04a6d29fc2b017dcf337d0a67b7f2
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE