0051bffe2387221fc96e93c12e58e147 | Triage

Sharing

General

Target

0051bffe2387221fc96e93c12e58e147
Size

514KB
MD5

0051bffe2387221fc96e93c12e58e147
SHA1

e1ba2080ddef6d6e2a19bd98dbee5550b749ea22
SHA256

91630de8098ee41b9d7f8839f457eac9623fca97616f14f65d015d4843558278
SHA512

f2d0ae37a3344a59cf5eace400d53b75f4577fdc16945f382cc6420500f3d46f13e08fa267c77e5bf74a1efe42d45f927959d277dd42574c97f96a4235a8f601
SSDEEP

384:2idD9d6GAr+4JPrLSGiak0OpAf6iUEWQsdjQ1EKlE4DMzEWZX7lbKX:vLOwaWp3ykpQPE4DsEWZL4X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0051bffe2387221fc96e93c12e58e147

Files

0051bffe2387221fc96e93c12e58e147
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindowA

Sections

CODE
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ