e9ba7d15845f962634e48d0d6cb3a43c19cdd53c47d89687d9f82f45f5a70952

Sharing

Copy URL Twitter E-mail

General

Target

e9ba7d15845f962634e48d0d6cb3a43c19cdd53c47d89687d9f82f45f5a70952
Size

140KB
MD5

75d7fffeae2bc5cd3d22692fc655893d
SHA1

149be9504d673fb6e37120b1b2163a123e47ea72
SHA256

e9ba7d15845f962634e48d0d6cb3a43c19cdd53c47d89687d9f82f45f5a70952
SHA512

1e9d559c1f9248b915cf8dfa88f0552d7e7613da5979a31d6e8c2ef7bc7dc90b19702b05cbd8f2d798e19f9271ded8babeeb17aea109ae93e02109b8c4d4cd76
SSDEEP

768:IIoaubuFta7pRwiqiM22GswEWPyCr4fv4fOSduyAyWnWSnaEV36/ijVw2BexJwZ:4aZGNRtnsWPyCktOKy2Bexo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9ba7d15845f962634e48d0d6cb3a43c19cdd53c47d89687d9f82f45f5a70952

Files

e9ba7d15845f962634e48d0d6cb3a43c19cdd53c47d89687d9f82f45f5a70952
.dll regsvr32 windows:4 windows x64 arch:x64

8351191af5cef6d0b6ca27a6f668bb71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
EnumResourceNamesW
FindResourceW
GetEnvironmentVariableW
GetModuleFileNameW
GetProcAddress
HeapAlloc
HeapFree
LoadLibraryW
LoadResource
MultiByteToWideChar
SizeofResource

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 247B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8351191af5cef6d0b6ca27a6f668bb71

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 48B

.rodata Size: 4KB - Virtual size: 20B

.rdata Size: 4KB - Virtual size: 416B

.pdata Size: 4KB - Virtual size: 144B

.xdata Size: 4KB - Virtual size: 88B

.bss Size: - Virtual size: 16B

.edata Size: 4KB - Virtual size: 247B

.idata Size: 4KB - Virtual size: 552B

.rsrc Size: 100KB - Virtual size: 96KB

.reloc Size: 4KB - Virtual size: 16B

.text
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 48B

.rodata
Size: 4KB - Virtual size: 20B

.rdata
Size: 4KB - Virtual size: 416B

.pdata
Size: 4KB - Virtual size: 144B

.xdata
Size: 4KB - Virtual size: 88B

.bss
Size: - Virtual size: 16B

.edata
Size: 4KB - Virtual size: 247B

.idata
Size: 4KB - Virtual size: 552B

.rsrc
Size: 100KB - Virtual size: 96KB

.reloc
Size: 4KB - Virtual size: 16B