e19de869cb12494612922b353a8816c92fa79dea0c2b2cf91de663df1ed44534[.]dll | Triage

Sharing

General

Target

e19de869cb12494612922b353a8816c92fa79dea0c2b2cf91de663df1ed44534.dll
Size

452KB
MD5

2f695a1e3e8d36bf867a6f0db74a2d2d
SHA1

594e9e1d516494736dd9e43950c37d6b3ce9e0df
SHA256

e19de869cb12494612922b353a8816c92fa79dea0c2b2cf91de663df1ed44534
SHA512

efbe503c2b952af52a9e0489cdf8503302a5a5f42a8417f7969d8643a512d45b234e446586b40f5b164bdd8aa62c45325701d56f51f83d4690da2fef29fd67d1
SSDEEP

6144:d6TNpkfE5C6l8UhY2lI8lyQlOulRg1Td1E5xiZy2PPSCbHHgRscRSuRkIR8gRxil:GMEE6aUO268kQQuH0PPTbn5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e19de869cb12494612922b353a8816c92fa79dea0c2b2cf91de663df1ed44534.dll

Files

e19de869cb12494612922b353a8816c92fa79dea0c2b2cf91de663df1ed44534.dll
.dll windows:5 windows x86 arch:x86

341dc9af6a167d71e2ebbf8fd0d64c3f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VarBstrFromR4
VarI4FromCy

setupapi

SetupDiGetClassInstallParamsW

user32

GetWindowPlacement

msvcrt

memset

advapi32

RegEnumKeyA

kernel32

GetProfileStringA
GetModuleFileNameW
CreateFileW
GetProfileSectionA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 396KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ