d6d6bb4ad41920d65c6ca922b8d167e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6d6bb4ad41920d65c6ca922b8d167e7
Size

474KB
MD5

d6d6bb4ad41920d65c6ca922b8d167e7
SHA1

c8b45ae6f1d6952d65378a7c963a9e6b71304ddc
SHA256

efd793d300f072728044298c12a2a686390fe94f8d32cbe7f92498314b4064a2
SHA512

3dd0a7420f4cd8638743451476102198cfbd8f6258f721f270c4e0321f8df47ca0e6afed0391689280a36c4832a5bc374e22cd75e32b6a3ce7694db42eda7237
SSDEEP

12288:c8PEnSnKbBisriv8Iq3rYTIrjHwdskqcNPTkpZXdgQiplROnoibQA:Gb+OoiUA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6d6bb4ad41920d65c6ca922b8d167e7

Files

d6d6bb4ad41920d65c6ca922b8d167e7
.dll regsvr32 windows:6 windows x64 arch:x64

bffa884c141cfb9f17c42805b9961e26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadPriority
TlsGetValue
WaitForSingleObject
WaitForMultipleObjects
CreateThread
CreateFileA
DeleteCriticalSection
EnterCriticalSection
GetCommandLineW
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSection
LeaveCriticalSection
Sleep
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
GetSystemTime

Exports

Exports

DllRegisterServer
DllUnregisterServer
FgsydkceduiEwkqugidfy
JxadscptVwnbruxafUodaozedbhho
OxujxinjCusdqjcitzk
PauseW
ResumeW
StartW

Sections

.text
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdata
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE