008cf0a1f653da0fcf7043428d8b6f77 | Triage

Sharing

General

Target

008cf0a1f653da0fcf7043428d8b6f77
Size

45KB
MD5

008cf0a1f653da0fcf7043428d8b6f77
SHA1

5b78f92c9123c4f2064759a29350524c28db6eed
SHA256

9c7bf4cb2baf75475aa4fc6695184aa719f0b912e4f9c3ebf39077b32390239d
SHA512

c218fa3a4d0d521be8cd3dc8bf28cc34be7b1c607ecd0b4bf4d0f86e2f7b1627076dc946749ce4a7822afed8f8c4abc4681f2d81d260c624dc10380baf30c129
SSDEEP

768:1yZCEfgFV4qkPugccPHHHHHHHHHHHHHHHHHHHHHH:1ys4FcIHHHHHHHHHHHHHHHHHHHHHH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
008cf0a1f653da0fcf7043428d8b6f77

Files

008cf0a1f653da0fcf7043428d8b6f77
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow

Sections

CODE
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ