3a10de8fc6f227206f9ba4b4462bd032 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a10de8fc6f227206f9ba4b4462bd032
Size

6KB
MD5

3a10de8fc6f227206f9ba4b4462bd032
SHA1

65c5967808aae6c4a977e2b73e342b1e6ebb95be
SHA256

5b2d0ebca54ce924a566c683c4bdc3f1d2700bd39a7af6e493b6726dc7aa247e
SHA512

15b452e67f34c3696c6aa73522f611b5114cc730b9a05eaaff7e62f62943f61ef12728f0316b11f1bfbd71d2b065443224f6ca23049dc2ba04eeed9d043d1ec4
SSDEEP

96:Zx+GShuD1w9ZuVnQyuRMXhjsTrWmkl0afsdPmxVD:TshNWQyuRshjsHWvpslUD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a10de8fc6f227206f9ba4b4462bd032

Files

3a10de8fc6f227206f9ba4b4462bd032
.dll windows:4 windows x86 arch:x86

911dd57d2c176f1f6ad74e78d9cc4a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
Sleep
GetCommandLineA
GlobalFree
ReadProcessMemory
GetProcAddress
GlobalAlloc
VirtualProtectEx
GetModuleFileNameA
GetCurrentProcess
CreateThread
GlobalLock

user32

SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
ToAscii
GetKeyboardState

msvcrt

strlen
_adjust_fdiv
malloc
strrchr
memset
strcpy
strcmp
strcat
sprintf
strncpy
strstr
_stricmp
memcpy
free
_initterm

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

Exports

Exports

fa
fb

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 275B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ