pesinislem[.]1[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

pesinislem.1.dll
Size

368KB
MD5

948bafdd3780098335fcaf0d336304ad
SHA1

30862580595a3a4e9ab46abd97eb6f903ccacf58
SHA256

d791d331d09f1c656ff472188483e3b4cac416f1903c4986584ae1177e7c01d8
SHA512

41ff4cbe08e3c851da0f058deb8d53929289309fa9e91c5c294c9f264f27a21deae4ed1b06fd48b7d254857dd09c43e9802d5a15062cee7560199b2b6fd369f2
SSDEEP

3072:0PSyHjc9M0lr/FvlZuevvTYyf9N2O4s1a2UQv2xBU7SwEfpFgajwtU1mJwmYxgo0:YSyDc6s//PKs1lv2x+AfpdjQww+Esm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
pesinislem.1.dll

Files

pesinislem.1.dll
.dll regsvr32 windows:4 windows x86 arch:x86

f00e92ab26ebbca78896863837da549f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

_onexit
__dllonexit
_except_handler3
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
free
_mbsrchr
_access
isspace

kernel32

GetModuleFileNameA
LoadLibraryA
GetProcAddress
GetSystemDirectoryA
lstrcatA
GetCurrentDirectoryA
lstrcpyA
LeaveCriticalSection
FreeLibrary
EnterCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
InitializeCriticalSection

user32

LoadStringA

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueA

ole32

CoFreeUnusedLibraries

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ