85e820ff3eb1a39e35acfe20ab6197fa76863b937457d33cef21b0f40fa74162 | Triage

Sharing

General

Target

85e820ff3eb1a39e35acfe20ab6197fa76863b937457d33cef21b0f40fa74162
Size

432KB
MD5

825f57e5e7ae7930ca8d8c6d0246c81c
SHA1

1b8f84a389d4ffc5db414d015a80df2f79593af1
SHA256

85e820ff3eb1a39e35acfe20ab6197fa76863b937457d33cef21b0f40fa74162
SHA512

51538433c7cae3ef2c54a07504a8237b401fbd814ebef0a295759f530b95a5bfbb88562e6bc189d192cdd382195876b674d1715bdd763e086cd3c882d2a7de90
SSDEEP

12288:AfIMMtXLVqjKRiBMzyH2DsGGkGORBObEzyeu1zTbzr:AAMMXcjYPzyWYGGkGORBDzgz3zr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85e820ff3eb1a39e35acfe20ab6197fa76863b937457d33cef21b0f40fa74162

Files

85e820ff3eb1a39e35acfe20ab6197fa76863b937457d33cef21b0f40fa74162
.dll regsvr32 windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

DllRegisterServer

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 398KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ