d6b0610dddd10b6218843395b41ecb7d | Triage

Sharing

General

Target

d6b0610dddd10b6218843395b41ecb7d
Size

30KB
MD5

d6b0610dddd10b6218843395b41ecb7d
SHA1

c0bc5d97dc84eeaea90797f84c45a8408297b656
SHA256

774fce400b9e39e35fdf9d28b431cccd013ca5b7b559d2c803fca9c642618efb
SHA512

cc4aa5eb41d25909a94f239761932d6e8887b7fbb1fa7cb38fd07fbb08c365883b4f2ce74adc68ddfd6f4617f4feb70d8c6504b97f3980547b53a7a3fe176443
SSDEEP

768:dLM8JjlVmnpNqRW+UWs3AjuKm+pIGjKdhPWXa:dLnjlVmHDWswjG62AXa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6b0610dddd10b6218843395b41ecb7d

Files

d6b0610dddd10b6218843395b41ecb7d
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ClseHook
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OpenHook

Sections

CODE
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ