345afe2f1cdfbdad48e397b3dd2727a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

345afe2f1cdfbdad48e397b3dd2727a1
Size

10.3MB
MD5

345afe2f1cdfbdad48e397b3dd2727a1
SHA1

7f57df65b208785504fd161d6e060512a8a459a6
SHA256

3e09cf8e60d1ff50ceaca15af529ce85700e851eb9ce9826057445029a0bcb2d
SHA512

4fe9b1c155b21297350703da491fa7c2a5d62787d0901e06448b62242a5f04b729e4af6494f0a1d1b7e47be477ef87eac84ae8b6131db5b37a3c2900cfeab57a
SSDEEP

384:9RdCy/MqlWGmQm9o+Nmo1I7BnOKzpjt6AzvV0LAF:1Cy0qlfmQ4ebdRDv6A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
345afe2f1cdfbdad48e397b3dd2727a1

Files

345afe2f1cdfbdad48e397b3dd2727a1
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HideProcess
InstallHook

Sections

CODE
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ