ddf7b6dedc85d5443fb451cf5ad4c62668497df12e50932013f2df52b34e86d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ddf7b6dedc85d5443fb451cf5ad4c62668497df12e50932013f2df52b34e86d8
Size

28KB
MD5

44a502bd6cd260a019ecd3fff8e12694
SHA1

2f53f02dbb93ae6128da21f07323eea0e505307b
SHA256

ddf7b6dedc85d5443fb451cf5ad4c62668497df12e50932013f2df52b34e86d8
SHA512

014f284f1764a39b0baa881f183851066b5b546130019394c892da7d99589b24e5f8d0c8e45f215580f185fcf67e4795d49d163f2408346b522fce7425f43df2
SSDEEP

768:3Z0Tvs72gk49hJZUtKVh1fY4r99ftHQ9QxcIf:3ibe2GPM6ua9THpxv

Score

N/A

Malware Config

Signatures

Files

ddf7b6dedc85d5443fb451cf5ad4c62668497df12e50932013f2df52b34e86d8
.dll windows x86

e58ab46f2a279ded0846d81bf0fa21f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess

Exports

Exports

pt_tzHook
pt_ksHook
StopHook
StartHook

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE