05329f9ecde6ab5727183ce9227e73d7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05329f9ecde6ab5727183ce9227e73d7
Size

33KB
MD5

05329f9ecde6ab5727183ce9227e73d7
SHA1

ea52def93f0dbcb2c3b0e2748b3c6f5fdd18ac22
SHA256

bcc0f6c097f6bac75ed74fe5992aabbcade6ca8b8fbe3329ccfbfd8f2b09f700
SHA512

7b6228979bc392c46b741b0476edb849229859adf190e6984a43a3405d645c152ea579891753d723ee275d858deefb46ec9d08ee1ada0e4033ca52721b940c92
SSDEEP

768:deHqE1szHLkodKZXirZAQ/WEMUvsGyiNtD72ds5ivgu6g51E2Rwc:wHqE1sYXdQ+EhvsMNt/2ds5iv3z5Os

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05329f9ecde6ab5727183ce9227e73d7

Files

05329f9ecde6ab5727183ce9227e73d7
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Hookoff
Hookon

Sections

CODE
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 15KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ