04d67f08c52c386391f77bc1b4d02d1e | Triage

Sharing

General

Target

04d67f08c52c386391f77bc1b4d02d1e
Size

51KB
MD5

04d67f08c52c386391f77bc1b4d02d1e
SHA1

3364096d19cfd97c431abe811c7a2e084fbdf711
SHA256

e130147f54d3cad9372fe33d2d4a7d436bc185e3b4b71df0f69a07a8f876f16b
SHA512

9e4cfa1a9c19abd59c44a977fb9955709856b77ba6f04d829e0d826af9566d76ed7829e5d3f5595ae7588c65786458c10749474458765afcfea87800dc23ca2b
SSDEEP

1536:BfQAl+7ovOJ3bdbx8LY9Uuk6ujD0V73/pO0zj:dQAl+pfKYLk6Ox0/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04d67f08c52c386391f77bc1b4d02d1e

Files

04d67f08c52c386391f77bc1b4d02d1e
.dll windows:4 windows x86 arch:x86

d789bbd14d9363f075bb8a0efcaa628b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

time

user32

UnhookWindowsHookEx

advapi32

RegQueryValueExA

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE