002e13797520968a47503e5e0373fd2a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

002e13797520968a47503e5e0373fd2a
Size

22KB
MD5

002e13797520968a47503e5e0373fd2a
SHA1

3b4d66ded7ac2e82ec0280018c6ef249992a7ba3
SHA256

b960a4193eaaed352de8abbb8e901d5a849a6e195b6b0b524831f7d25318b70e
SHA512

d3ae0401a5b0cc24c16de3379ba2bb2fd73c0614c7a54d59a776f08ee64875c74ac642a29b2ae42b0cd4198e8b6e3335688b2648809480295a1504ff5f22104e
SSDEEP

384:1Or5NKZ2CUgMsnyZWBVp1XIdm5IuXQjXCqxEFtAFA0zEPkYYOIXeL7H:Mr5lWtX+m5AyqWfUEPSWP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
002e13797520968a47503e5e0373fd2a

Files

002e13797520968a47503e5e0373fd2a
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
Skif4freW4ll
UnHookWindow

Sections

CODE
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ