0ddd2e98687f832682a8a7fb7af09f0d | Triage

Sharing

General

Target

0ddd2e98687f832682a8a7fb7af09f0d
Size

7KB
MD5

0ddd2e98687f832682a8a7fb7af09f0d
SHA1

5df33454af0694b2db9148179d5394dc22233a5e
SHA256

35b8c503034a4dc28627a8df60f920d5cbdc5d6d030b1ffb645effc31b2f8aa1
SHA512

f81067a9d618afd3a01987361c97cb6fdeb5b38f0721e0b9fab8acc0531a5a1f854ead4ac2ccb90919578fbb939696292d9bb5c838fc2471bd9c1512dc30d46e
SSDEEP

96:NGI+n9rOdqUTo6zJBp8Q7/+a67OXCxeQPRIq:V+lOvNl67OXsecK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ddd2e98687f832682a8a7fb7af09f0d

Files

0ddd2e98687f832682a8a7fb7af09f0d
.dll windows:1 windows x86 arch:x86

3de1275303487e8accd5f4a3da2e8423

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetEnvironmentStringsA
CloseHandle
RtlUnwind
CreateFileA
SetFilePointer
WriteFile

user32

GetDlgItemTextA
GetKeyState
GetWindowTextA
SetWindowsHookExA
UnhookWindowsHookEx

crtdll.dll

_fdopen
_open_osfhandle
fclose
free
_cexit
malloc
memset
printf
raise
setbuf
strcpy
strlen
strstr

Exports

Exports

_DllEntryPoint@12
_HookProcedure@12

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84B - Virtual size: 84B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 188B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 852B - Virtual size: 852B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 420B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.edata
Size: 128B - Virtual size: 128B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ