01f735bafb98d2ce0e60e22c0ae2cc4b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01f735bafb98d2ce0e60e22c0ae2cc4b
Size

20KB
MD5

01f735bafb98d2ce0e60e22c0ae2cc4b
SHA1

ba2524e71c8028729f3b63b2eefeb7216983fb38
SHA256

71f75fbccb7797a605c7dcca24bba0894cc051f4553a6e01dd96320bc8d331bf
SHA512

73b638dd2d51fbecf64d1115ec38fbefc99a3c98499dccbb0b8cf9f4ae63665cd4f2cd4ab3824de8fa58502c7b0a88eccd7990de7ead645e393060a3f30c69a9
SSDEEP

96:Zy7eZonsDr6HO5AAEgL3epYYVhSnk3jL8i:Z6e0s3r+K3e73jo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01f735bafb98d2ce0e60e22c0ae2cc4b

Files

01f735bafb98d2ce0e60e22c0ae2cc4b
.dll windows:4 windows x86 arch:x86

d3a169c7a397e868084f8079460c0a23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
lstrcatA
GetSystemDirectoryA
SetFileAttributesA
_lclose
_lcreat
_lopen
CloseHandle
WriteFile
lstrlenA
SetFilePointer
CreateFileA
GetTimeFormatA
GetDateFormatA

user32

SetWindowsHookExA
GetKeyNameTextA
GetKeyboardState
ToAscii
CallNextHookEx
SendMessageA
GetForegroundWindow

msvcrt

strcmp
_strupr
strtok
strstr
fopen
fgets
strcspn
??2@YAPAXI@Z
fclose

Exports

Exports

SetHooks
UnHook

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ