2e96a68f0beb64bfb84dbe90a19ffa2e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e96a68f0beb64bfb84dbe90a19ffa2e
Size

78KB
MD5

2e96a68f0beb64bfb84dbe90a19ffa2e
SHA1

d223f892a17515eb31c5d2c358855dad1f5a6108
SHA256

7152bf240528b7bd500a6e6edca9eff6b57c8765594702149259e37d3bd9870f
SHA512

ed832b44364e681da807583946cbc71da4f269b5d7ece79cde3dd46542f3eb7f04e18bc2981e3ea8e071ff007433e772e3049102877966f1284cdb253e14d09a
SSDEEP

1536:fUaTX2+ZCp6PiA2w/TfHijuXEiP1Xr5guwkglg6Xs7jNt0q:HTXAp668/jHijuT57wLlgJjNx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e96a68f0beb64bfb84dbe90a19ffa2e

Files

2e96a68f0beb64bfb84dbe90a19ffa2e
.dll windows:4 windows x86 arch:x86

2580486e0dab974b37798b4da0a66286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetConsoleScreenBufferInfo
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetConsoleTitleA
GetLastError
ReadConsoleOutputCharacterA
CloseHandle
GetStdHandle
GetVersion
GlobalAlloc
GlobalFree

user32

GetFocus
GetParent
GetWindowTextA
ToAscii
CallNextHookEx

msvcrt40

fclose
fopen
sprintf
strerror
_errno
_initterm
fflush
__p__pctype
_isctype
__p___mb_cur_max
fputc
fprintf
free
malloc
_adjust_fdiv

Exports

Exports

_ConsoleHookProc@12
_KeyHookProc@12

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 106B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 862B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 678B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ