d7c5f8229cd850ff2d683383f83a6eaf6b890807caf30c9ea80f73c828a9f330 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d7c5f8229cd850ff2d683383f83a6eaf6b890807caf30c9ea80f73c828a9f330
Size

1.0MB
MD5

a394a6bc0de2441bff28d72ed4243058
SHA1

7e6f9d6da977544d7a919a9d5f132ea33788fbf6
SHA256

d7c5f8229cd850ff2d683383f83a6eaf6b890807caf30c9ea80f73c828a9f330
SHA512

a45f91d6a97f2883bb5df50288975ef6dbf7437c212961b5e468d516570bea2830b94dff8bfa8360c4ef3aa3b166721c42a14d49ef1b96a1e5a0293766641405
SSDEEP

24576:PmiG5LHTmjIsjZXjK/jTsc+lQsgnFT8Z1/S+oXxTfSDE1M:PmiGXMjZcwQ/61/QheA1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7c5f8229cd850ff2d683383f83a6eaf6b890807caf30c9ea80f73c828a9f330

Files

d7c5f8229cd850ff2d683383f83a6eaf6b890807caf30c9ea80f73c828a9f330
.dll regsvr32 windows:4 windows x86 arch:x86

d69c6479660f6fc7022a75a7d35f4ebe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

__vbaVarSub

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.0MB - Virtual size: 16.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE