5cc18a89816b38215595680569933da952662b766ca315238635b9820faf1820 | Triage

Sharing

General

Target

5cc18a89816b38215595680569933da952662b766ca315238635b9820faf1820
Size

995KB
MD5

96b176c0c7bd11372d9bea4700ca1ff8
SHA1

8693b4c7f8380f85dc69e4157601160095c1f81b
SHA256

5cc18a89816b38215595680569933da952662b766ca315238635b9820faf1820
SHA512

76710be68d6afd845c4c90ec1f88decf2b5ef39759b327511876aa79c64e120dde7b4253d717a454da1277d87735fe67302e3b34b34f4f077dffb55c5b5c40a8
SSDEEP

24576:R5ThGl7UALbLDTD9cLdHB791wRZ34zks9X6upUce8:SzXn9c9B7IRWv6e/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cc18a89816b38215595680569933da952662b766ca315238635b9820faf1820

Files

5cc18a89816b38215595680569933da952662b766ca315238635b9820faf1820
.dll regsvr32 windows:4 windows x86 arch:x86

0cbf970c7b2931021b41a9689023109b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

EVENT_SINK_GetIDsOfNames

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 986KB - Virtual size: 13.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE