KbdLayerDescriptor
Static task
static1
Behavioral task
behavioral1
Sample
kbdsmsfi.dll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
kbdsmsfi.dll
Resource
win10v2004-20230915-en
General
-
Target
NEAS.1c92ef6bd27a400b4f1718886df9c940_JC.cab
-
Size
2KB
-
MD5
1c92ef6bd27a400b4f1718886df9c940
-
SHA1
0ac6db62207c838b4591a0c200b8f72be279f86d
-
SHA256
946f4db3661c908539d3bae627e5165520c38e6976d281835715368071ae1561
-
SHA512
2a1c6369a548d76285e0d6356ae8551aafa64ed7c3bb48513f4ee25f79e828166f5dbf6ccbf592217b257922a199c58652832fcb2b8d5938458e47819512b778
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/kbdsmsfi.dll
Files
-
NEAS.1c92ef6bd27a400b4f1718886df9c940_JC.cab.cab
-
kbdsmsfi.dll.dll windows:5 windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Exports
Exports
Sections
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 218B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ