7f65c148cf10add6aacb0d3bdff5944b

General

Target

7f65c148cf10add6aacb0d3bdff5944b
Size

32KB
MD5

7f65c148cf10add6aacb0d3bdff5944b
SHA1

69929485b89cce9c1ec268020adc4043c8a2b506
SHA256

e78565a297b1c79c14cc2e7df35758ed33464cd935a72a61919bfaecb1235eb2
SHA512

55a8a2921e6270ea07588fbc8533f4b7c75849c5ad14d6a9732656a1ba204a88457cdaea168b3accc671f870c65276bc1f984289a10c967e897411da4475e2ba
SSDEEP

384:bZALw0pTuN8W3DbPclkmlY3jeZyD1Z0jAYoIo96J:bZZ0pTuNzbPcSmc0jmIo9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f65c148cf10add6aacb0d3bdff5944b

Files

7f65c148cf10add6aacb0d3bdff5944b
.dll windows:4 windows x86 arch:x86

ea62a5e9b648b7fd5a742d24ff2dc571

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetEnvironmentStrings
GetLastError
RtlUnwind
GetStringTypeW
GetStringTypeA
LCMapStringW
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
MultiByteToWideChar
LCMapStringA
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA

user32

SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
PostMessageA
IsWindow

Exports

Exports

StartMouseKeyBoardHook
StopMouseKeyBoardHook

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oicqhook
Size: 4KB - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea62a5e9b648b7fd5a742d24ff2dc571

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

oicqhook Size: 4KB - Virtual size: 96B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

oicqhook
Size: 4KB - Virtual size: 96B

.reloc
Size: 4KB - Virtual size: 1KB