004f6bb4d13ade6c7dc176e7651ba5f2 | Triage

Sharing

General

Target

004f6bb4d13ade6c7dc176e7651ba5f2
Size

22KB
MD5

004f6bb4d13ade6c7dc176e7651ba5f2
SHA1

68c5bfb3cd6932f793b14074a2dc102c951075f9
SHA256

ac403c27c07ec76aac2ae54803ac6268a443384c03135467e767f3a87084dcce
SHA512

baa5f40cae515348bc35b2b95594c55a96addbd257d0b8596f5d44e68d6f235547f31602ae9f2f9a6d6625c85a735a7b221f99e61b77ac228a190c6fd02a5a18
SSDEEP

384:EPyZNjtU2mJVAbAp6TCEeK8Kgl4J9zz1njzWSz1ZMhvW534m2:UyZidpOCi8KU4lzWS1ZcYI5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
004f6bb4d13ade6c7dc176e7651ba5f2

Files

004f6bb4d13ade6c7dc176e7651ba5f2
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
SkipFireWall
UnHookWindow

Sections

CODE
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ