0181cec5b5dfe007a1d3be34bab38831 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0181cec5b5dfe007a1d3be34bab38831
Size

22KB
MD5

0181cec5b5dfe007a1d3be34bab38831
SHA1

06e59c1a004e8f29eda04f6bd44787644a214c70
SHA256

74c84662f95ecf111ad64784f2f39182a47a6e0ba0e2c06b5aae16159056e663
SHA512

2f73e6df07d49eb1eee8f0031ec1214264c27022b909ea03f4c5f37c2b0117f328c17d544f85cb8addf71ec7e2b1b3f2103d2626b9a35bc811eb4ec6f79aec5a
SSDEEP

384:5PyZNjtU2m/ImLKXLHoIi+CGiB0F1UKZMCAdC/ji0NUEPll/hzETMmTMB+UhLjlM:RyZOxKPa10F1UKAd+i0NZlJlETMmTMBC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0181cec5b5dfe007a1d3be34bab38831

Files

0181cec5b5dfe007a1d3be34bab38831
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
SkipFireWall
UnHookWindow

Sections

CODE
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ