EnHookWindow
Static task
static1
Behavioral task
behavioral1
Sample
025764ab03e1c4b6108c7ea80a3d199a.dll
Resource
win7-20231215-en
General
-
Target
025764ab03e1c4b6108c7ea80a3d199a
-
Size
59KB
-
MD5
025764ab03e1c4b6108c7ea80a3d199a
-
SHA1
afee177bfffefeaea454c4ff82d27e7a4ed4e694
-
SHA256
6de8c35442ff5bd6a780efaa1ad04b293549fa157f789a6784db8e00be3a5f27
-
SHA512
ef78aec50bbef23a809e51f29decd09eddfdddee25bd0958f0e6b9620cae564f0e2d698c84801a181b4ee7b23daef2788e14f8ac427db1029e25742f85883a4f
-
SSDEEP
384:XPyZNjtU2mRURhjjC93NNiWnDBC+S7lcPEow2SybU1H5zdqydXfo4:fyZ/P8NieDBrel7odX0dq6X
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 025764ab03e1c4b6108c7ea80a3d199a
Files
-
025764ab03e1c4b6108c7ea80a3d199a.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Exports
Exports
Sections
CODE Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 512B - Virtual size: 236B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 5KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 72B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ