1f837adfc04eacde3c59be6a6eb509e0 | Triage

Sharing

General

Target

1f837adfc04eacde3c59be6a6eb509e0
Size

18KB
MD5

1f837adfc04eacde3c59be6a6eb509e0
SHA1

4613678f028bdc5e3b88fa4ad0ef3e27417322d6
SHA256

dc9f4c4b3f96a4d870f06b723526f5e4adc0eecb4d62762108e87a941c050903
SHA512

ef91cd2844895b1398b0c0ecee5a07cee7f6a50258cd3f2af65e44ac88355f907a979150dc1964a6b367780340c951ac53903e8fdeaab9cc0d418c0c5122efdd
SSDEEP

384:+au0NKwhhA8zoWrELZQf3gajhMY4oyz1v4YYOuP4:ru09lTai/ed1vmC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f837adfc04eacde3c59be6a6eb509e0

Files

1f837adfc04eacde3c59be6a6eb509e0
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
Skif4freW4ll
UnHookWindow

Sections

CODE
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ