b5e2ad54080589007d5d50c7fa886f6a7299265a60b4aee073e3ae7b9e89d22e | Triage

Sharing

General

Target

b5e2ad54080589007d5d50c7fa886f6a7299265a60b4aee073e3ae7b9e89d22e
Size

38KB
MD5

9eab152235102355a9ac0293a1c22562
SHA1

e7bd145aecfde1acc497492746e37b53445dda7f
SHA256

b5e2ad54080589007d5d50c7fa886f6a7299265a60b4aee073e3ae7b9e89d22e
SHA512

ebd4c439a5a0173207209b1834de209e94b7ff83386225a9c22eae30358cda00d07155ac7cc2205b0bef9401706d0d3d5568ff14a97b8698574c6f762bd3f479
SSDEEP

384:3Ss9+y4P2mwASOYgDZE2UQixOai3II7ZUq7WoiZHM9pP8njLlMGaZHM9pg:3SsETLJPDZE0ix9i3I0ZWqMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
b5e2ad54080589007d5d50c7fa886f6a7299265a60b4aee073e3ae7b9e89d22e

Files

b5e2ad54080589007d5d50c7fa886f6a7299265a60b4aee073e3ae7b9e89d22e
.dll windows:6 windows x64 arch:x64

001d993cb52b06dd86f1aafa1c13bed8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadPriority
GetCurrentThread
CreateThread
WaitForSingleObject
DuplicateHandle
ResumeThread

Exports

Exports

DllGetClassObject
IyuwwbdcdIacoxnkGsxosivbpl
PluginInit
RhwnxwmkduqurjsnCvxjzhjskyhk
SvgodvtPtqaygbNnierinbqgqd
UxeuJotsvVeesolke
update

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ