0073d22e28f2c63b56d69c26d5268661 | Triage

Sharing

General

Target

0073d22e28f2c63b56d69c26d5268661
Size

25KB
MD5

0073d22e28f2c63b56d69c26d5268661
SHA1

c87ca0116a2968b09db203b762ebb75b05bda9a1
SHA256

eabdcdd8a66cdb8ef6d3c0b556a3b31eb70c206b192c0b3d68d300d9257b0380
SHA512

332346f154d6d7948c681fc457442da8dc2bece442a30b5077067b01cf06c896fb3a3f53277aab8b9363ba345f960714921c4273b2411071107f70c52ecb0b84
SSDEEP

384:FLXTfb7njvr3zGudD9d6GaTfbnhHfbjvrz/7HDPLXTfbnjvr3z/7H3z/HDPDPiYJ:hbd5FRaWE/HfHO1ZFuh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0073d22e28f2c63b56d69c26d5268661

Files

0073d22e28f2c63b56d69c26d5268661
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
SkipFireWall
UnHookWindow

Sections

CODE
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 22KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ