a68a5dd9dddcced7b6315d9e66b2b28b60e62aa20028d0f8089745858f8f7dda | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a68a5dd9dddcced7b6315d9e66b2b28b60e62aa20028d0f8089745858f8f7dda
Size

511KB
MD5

618783fe1144f436eda4ee189318b6b7
SHA1

ed5a3fcb9e0450b475be637eb009d8b666fe9dd6
SHA256

a68a5dd9dddcced7b6315d9e66b2b28b60e62aa20028d0f8089745858f8f7dda
SHA512

a6e5d0388ba887f64209754ab26141693118e53de6f922adbd4418f401aeb344b68bd0047d7e6410ca64e79fd48e83bd3354267b7028dfb68ce0d9d761414d77
SSDEEP

6144:WikWCGQJqNKngfKEICjT/gYTYv0bXIYh2Pi32aDfzMud6Lx/x553YPdCagddJ7i6:rkWZQ+KngvZNDYud6BWEdJ7iBAQUKW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a68a5dd9dddcced7b6315d9e66b2b28b60e62aa20028d0f8089745858f8f7dda

Files

a68a5dd9dddcced7b6315d9e66b2b28b60e62aa20028d0f8089745858f8f7dda
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 435KB - Virtual size: 434KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ