068bc719de2aff9135b89d7c174556e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

068bc719de2aff9135b89d7c174556e4
Size

20KB
MD5

068bc719de2aff9135b89d7c174556e4
SHA1

c88d8d31cc39238ac9d22c7c995aa717cf1754ba
SHA256

7de81be2721e3fdd6cde3aaacdb49de82e7f28876cd55c69219cad9d2ce57f87
SHA512

0656a14ecfae306c9311d80a78fe0cd9a1d7a95b9060af8d6242c296be7d4b405e5a33662f11d63afa1bcf1aa3618a1a0490ae49c3dee0cbc21a5a7707399ac1
SSDEEP

96:Z5taIluXRGeXRcXXRlofXRXPXMUBbCAT4b4ovjgff5LTZDQ4EC4pty7HBPib:5aIwXRhXRWXRlqXRfXMyCP0fhxMvEG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
068bc719de2aff9135b89d7c174556e4

Files

068bc719de2aff9135b89d7c174556e4
.dll windows:4 windows x86 arch:x86

50087b58523f9708a4956913b05f3eab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDirectoryA
DisableThreadLibraryCalls
GetTimeFormatA
GetDateFormatA
CloseHandle
SetEndOfFile
SetFilePointer
GetFileSize
CreateFileA

user32

GetKeyboardState
ToAscii
MessageBoxA
GetWindowTextA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
wsprintfA
GetForegroundWindow

shell32

ShellExecuteA

msvcrt

_stricmp
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
_strlwr
strstr
fwrite
fopen
fclose
fprintf

Exports

Exports

HookProc
InstallHook
RemoveHook
ShellProc

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ