0a986e64e43226720c7478a67eb9a1ff88d60b6de22b4e4303f9b25a2ab881a1 | Triage

Sharing

General

Target

0a986e64e43226720c7478a67eb9a1ff88d60b6de22b4e4303f9b25a2ab881a1
Size

395KB
MD5

21daf51d8e7049bb0c31001df0df6de6
SHA1

a6ee1e7c3ad2200c04d7809a84fee83ec6eca9de
SHA256

0a986e64e43226720c7478a67eb9a1ff88d60b6de22b4e4303f9b25a2ab881a1
SHA512

bd9a915c1ca02ce7d499871663dcfe623a64ca51283a7efccf14088a7b472e1551dba7a272a9290f293541bc614bea8fcf02faa56acae4529b70c73c16ad5b11
SSDEEP

12288:seeSiw+xtMM0Lf00Ah02DICko3hCsOEsk4t/Ni:CSiht+LfM9DIro0sOEsk4t/N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
0a986e64e43226720c7478a67eb9a1ff88d60b6de22b4e4303f9b25a2ab881a1

Files

0a986e64e43226720c7478a67eb9a1ff88d60b6de22b4e4303f9b25a2ab881a1
.dll regsvr32 windows:6 windows x86 arch:x86

d6a5b02b0d0f00ab2f1b3656537635cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA

user32

wsprintfW

advapi32

RegisterEventSourceA

shell32

SHGetDiskFreeSpaceA

shlwapi

PathIsDirectoryW

comctl32

PropertySheet

Exports

Exports

DllInstall
DllRegisterServer
EntryPoint

Sections

Size: - Virtual size: 200KB

IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 472B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 93KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE