0008f4d9901ab27620acb55c707de9f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0008f4d9901ab27620acb55c707de9f9
Size

22KB
MD5

0008f4d9901ab27620acb55c707de9f9
SHA1

4b7643f7cf058a0d64f84a5801663ab5d74e7840
SHA256

7b02a48c65f70745c8c707594921165161da3f120adb03f658808f1dbe5d56b2
SHA512

9b004f6b34680cb27c282e5a615d3c89ffaec83963cb09c2f05d47b130ab5ffc43fdb2b3c3e3b8a9243071503835a963d8b74da763adf90c74bb54aa20e17dff
SSDEEP

384:UPyZNjtU2mJVAbAp6T6UbSC8aY2o7CMi13jsAz1ZMhnTRu/WIyFw:EyZidpO6K8ajoIsA1Z0o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0008f4d9901ab27620acb55c707de9f9

Files

0008f4d9901ab27620acb55c707de9f9
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
SkipFireWall
UnHookWindow

Sections

CODE
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ