a388d4ed0888dd17e0c0598f79842b8b469ea12a45d924f8c4afdce233c30d68 | Triage

Sharing

General

Target

a388d4ed0888dd17e0c0598f79842b8b469ea12a45d924f8c4afdce233c30d68
Size

340KB
MD5

1471a8fc48717c6adce5075071358477
SHA1

9b3b05aba13da9fd9f5f9a2d192d4ebbbe1c97fd
SHA256

a388d4ed0888dd17e0c0598f79842b8b469ea12a45d924f8c4afdce233c30d68
SHA512

3493c1dd82f5a30a9796e39e951b8a509326afa4c3c4f3b2ad9e0e720ebdb4d56c27b83359dfc8bbfb5c8ca8573088d7ee17688092a6359c46ae8126cf65b6a7
SSDEEP

6144:5ti3Btbc5NveHeQtt7/qn5QKoChTbo4jTz7DsTcczIuy0zDqaGTxTEiTd:3iTbc51iLn7/qXoChTbo4jTz7Mz40Xyx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a388d4ed0888dd17e0c0598f79842b8b469ea12a45d924f8c4afdce233c30d68

Files

a388d4ed0888dd17e0c0598f79842b8b469ea12a45d924f8c4afdce233c30d68
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

Size: 191KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 111KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE