2e29b98651f09f1ce187e57523afca5bc6155d23730970be3dc935f6127badc8N | Triage

Sharing

General

Target

2e29b98651f09f1ce187e57523afca5bc6155d23730970be3dc935f6127badc8N
Size

981KB
MD5

10dff0ace94adc5a26151cbd9679e0d0
SHA1

a902e2b8731328804574c7c273111936f05423b9
SHA256

2e29b98651f09f1ce187e57523afca5bc6155d23730970be3dc935f6127badc8
SHA512

3eefba113f1db4ad59635524aa07539dd56f2995931d65b2d9f200c689aa6e6c6333b9852d5904daaffe76480d0c03c71ca8b0d773560e5d2e5042290e6cf5a1
SSDEEP

24576:ZIm6RevtvR0R2rsc2FSmaUZM2/or4TBc3H:ZI1RevNU24zAmaUi/4Tu3H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e29b98651f09f1ce187e57523afca5bc6155d23730970be3dc935f6127badc8N

Files

2e29b98651f09f1ce187e57523afca5bc6155d23730970be3dc935f6127badc8N
.dll regsvr32 windows:5 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IAlloc
QueueMemory

Sections

.text
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ