4ead546f6ffd0ad9eed8f85579ce04f13cbd7316757891a7d30f0fe99ef48e95 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ead546f6ffd0ad9eed8f85579ce04f13cbd7316757891a7d30f0fe99ef48e95
Size

28KB
MD5

88477f0311120a67c4db5906b41ad314
SHA1

ceea2c8087a2a35b1b106bf3c92f4d9bfc6a341b
SHA256

4ead546f6ffd0ad9eed8f85579ce04f13cbd7316757891a7d30f0fe99ef48e95
SHA512

d0f533a251781f63b2b236fef9785855a8a7b107f57a07d39990adbacad85a9c067ad2056286b55bd020efa51f4be7032e9094f2c775fb26a1f10016e3836edd
SSDEEP

384:4qJLj0+nQWJmS5+bKoHXsaMc7xOOCeiaixm+qvhf:HJX0+nV8K+eoH8/c9Oleiu+qv

Score

N/A

Malware Config

Signatures

Files

4ead546f6ffd0ad9eed8f85579ce04f13cbd7316757891a7d30f0fe99ef48e95
.dll windows x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

Activate
DllCanUnloadNow
DllGetClassObject
HookProc
Logoff
Logon
Start

Sections

.text
Size: 16KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE