38731fd8b7dd8b5012e21279ccddf08b | Triage

Sharing

General

Target

38731fd8b7dd8b5012e21279ccddf08b
Size

25KB
MD5

38731fd8b7dd8b5012e21279ccddf08b
SHA1

c133c1b67f6784dd1ec59e37089a70bef55700b0
SHA256

c207d5696ac8236f41bc09978b3815b3d11b48df7bef772a91ced48959acc7f9
SHA512

32e22a0ce220e463d7738ae78f39762c63217896b007a33d4ae666bc53c663dc3e856a64682ee94bab9a20b2d8dad07e6b77a26f2dcbbfdc9128632f1a6ffed8
SSDEEP

384:wVxz0CRc3qd+16/QuCTIYD5p66N1jL3SIf3m1QymX2aQwiB2PUVIzYi6XAzk6OpK:nCRiqdSEQZTLtp66N1PXfwwuiPk6yS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38731fd8b7dd8b5012e21279ccddf08b

Files

38731fd8b7dd8b5012e21279ccddf08b
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookOff
HookOn
StartHook

Sections

CODE
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ