407a80d0f37ffea4be14e9c4bb44f117f21d37af8501853622fa7171254fe8a2N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

407a80d0f37ffea4be14e9c4bb44f117f21d37af8501853622fa7171254fe8a2N
Size

21KB
MD5

c84e2ab4249519800152bac12d3a67e0
SHA1

a95da943f19b7a6bbd30f06c7bfc4ddb2faeb6f6
SHA256

407a80d0f37ffea4be14e9c4bb44f117f21d37af8501853622fa7171254fe8a2
SHA512

7cae0cff99d41636fab8151529747f3e7b808d155bd9e7dc01e5555143dbc170e2a839864f64df12f2c58d42bea93601b15dd82a7646254fe7173bbe7c92dc8c
SSDEEP

384:ZJsjhFpT6pXUN7Q0GJXst06JbcFLQyE3g0M/qTBFZU2T4gaTaEB4Mh2rt:Z6gpmmsWMiBoYqTBXd4gaTaEB4O2p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
407a80d0f37ffea4be14e9c4bb44f117f21d37af8501853622fa7171254fe8a2N

Files

407a80d0f37ffea4be14e9c4bb44f117f21d37af8501853622fa7171254fe8a2N
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JmpHookOff
JmpHookOn

Sections

.Upack
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE