30dcff889b0f1e56932bc88c95f0dc94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30dcff889b0f1e56932bc88c95f0dc94
Size

317KB
MD5

30dcff889b0f1e56932bc88c95f0dc94
SHA1

60493b2d584166364624eb9cd4fd8e9be96c0b95
SHA256

e4e8c21994f7b4b34bb0d244fd8553ce56fd0d31e22bdb2231c40e82a170a82f
SHA512

a6b82bd1a4ed681de13955919b6df20a810411b9cace1f1af3bd959f5da62c5b58706f08bb3164e62265a902b38d07a2173f9a6d635e4213c04a2226853b0529
SSDEEP

6144:eyvg7o6KwVMDpFX0CmjviSrg/n2AsnoLLNv+C7Eq:bmMsCm2Srg/n4nEN37

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30dcff889b0f1e56932bc88c95f0dc94

Files

30dcff889b0f1e56932bc88c95f0dc94
.dll windows:4 windows x86 arch:x86

ab44325cb9c73bf27e934bfba53395f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
CreateThread
GetProcAddress

user32

GetWindowTextA
CallNextHookEx

Sections

.text
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MySec
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ