0002c85d7e59a8d77d46213b24364654[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0002c85d7e59a8d77d46213b24364654.exe
Size

22KB
MD5

0002c85d7e59a8d77d46213b24364654
SHA1

5bd958dd76d046629c521839ca6420f3fbe1ebb9
SHA256

ed4e8181f721011a041319d195c1940d25a3c52b8ded1aaa73d4dbdc11bfc906
SHA512

9df5e5eeee8bfa3904779ef47bfe8ea408ae4aa736337808834300b680a79d33e3710201ff6b375a9d962da273253c221c7ed9e472f89d8b0df7373cb8442826
SSDEEP

384:lpdNjtU2O5Z74yEESpMuPf4COZrKlzJaMFSOeOUjQRcv/C835AzwiythAH:lpdW14pzf4Cu0zJatOeRQWlAwiyvo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0002c85d7e59a8d77d46213b24364654.exe

Files

0002c85d7e59a8d77d46213b24364654.exe
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
Skip3546Wall
UnHookWindow

Sections

CODE
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ