de293344b08b19c5ddd9d81996fdbe8abb0728bbb5b23af70f7a65151c58bbfb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de293344b08b19c5ddd9d81996fdbe8abb0728bbb5b23af70f7a65151c58bbfb
Size

1.9MB
MD5

0b3c3063ba7b14319b8d623bd7737e86
SHA1

5796aa4bcec6812869a4bc5c41ef8e50cd8a47fe
SHA256

de293344b08b19c5ddd9d81996fdbe8abb0728bbb5b23af70f7a65151c58bbfb
SHA512

5b05c9c37af3fd5e03296aa64f1c9b4f3aa24ed84a86813844a5325088955d3853350c0f9178810d05ebafda4315edee0a2a1566842aebe1fdfe963001d8eec1
SSDEEP

24576:6DjkYEMzLpcTxhPepwmYPYoDwojMvxkmswqf+RpuxHj1NP371bg:RyJ+xhXmiYo0ST+ruBR8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de293344b08b19c5ddd9d81996fdbe8abb0728bbb5b23af70f7a65151c58bbfb

Files

de293344b08b19c5ddd9d81996fdbe8abb0728bbb5b23af70f7a65151c58bbfb
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ