ddf2f1ac44fd0c422dbcf762e7b8df09 | Triage

Sharing

General

Target

ddf2f1ac44fd0c422dbcf762e7b8df09
Size

24KB
MD5

ddf2f1ac44fd0c422dbcf762e7b8df09
SHA1

7722f0eac147c1009faf3d3a52f07299d7e3da02
SHA256

f6e1a5968e8bcaca1120b649ac72516da6c087d2d9f9093aedb18bcbd88a20a5
SHA512

91ff8e6532c6701dc232cb905b042516785b2578335e162acd593d61aa4e3671f85c340a48ada82c9999d42987eebea1830a6b7d71cc5357f28c73204d7615b3
SSDEEP

384:B3sfSLA7lSi5ZQ69pg3iY/EDHM84OvKEceIxs8kZpaxMhM/uQAvuOa05ubLFX+UI:B3gb7ZZLN17Uns8kZYahM/upF1QPFXFw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddf2f1ac44fd0c422dbcf762e7b8df09

Files

ddf2f1ac44fd0c422dbcf762e7b8df09
.dll regsvr32 windows:4 windows x86 arch:x86

0e3395a3175b60be922b7de5995aaa4f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

SetPixel

wsock32

WSACleanup

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

CODE
Size: 19KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE