c4b874df0764b9be165d6bb2dc90a919 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4b874df0764b9be165d6bb2dc90a919
Size

104KB
MD5

c4b874df0764b9be165d6bb2dc90a919
SHA1

922fb1eec874187225ece9cf85bf80fa86338015
SHA256

0c372a9ad9d124df38508f94d7df21a003eb75661801be82c5c9f802f3a8e0d8
SHA512

91bd21b10ddd78f79b13f64082ef15a8b365a733ed15b465b2ef3cdcde717d15022f2c97bae3850c425f0fe392b85e6655f4df34b8000bf94e0f93e90471e6cb
SSDEEP

1536:WBHoYTGaiCQ8rKU4Ghw9waK6vk3R1W0V5HjGnThYqunSD4rw6yIPu0WQ8q:yJTGaaUf+hfE1WslccnSD6w6J2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4b874df0764b9be165d6bb2dc90a919

Files

c4b874df0764b9be165d6bb2dc90a919
.dll regsvr32 windows:4 windows x86 arch:x86

a02f59e8b6cf01cae6fcaac1c1563598

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEndOfFile
GetCurrentThread
SetEvent
GetFileAttributesExW
SetLastError
GetProcAddress
DuplicateHandle
Sleep
MultiByteToWideChar
CreateFileW
SetCurrentDirectoryW
LoadLibraryA
FindNextChangeNotification
MulDiv
InterlockedDecrement
SetWaitableTimer
FreeResource
GetDriveTypeW
WriteFile
CreateThread
VirtualAlloc
LockResource
CreateEventW
FindNextFileW
lstrcpyW
FindResourceExW
GetPrivateProfileStringW
ResumeThread
GlobalDeleteAtom
VirtualFree
SetFilePointer

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.uxwuht
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qmsfh
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tywtx
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ