3bcc2d270f043d19652a96d76cf19ae7

General

Target

3bcc2d270f043d19652a96d76cf19ae7
Size

232KB
MD5

3bcc2d270f043d19652a96d76cf19ae7
SHA1

71f01590514c6f5820d96b5eb584c2806222e488
SHA256

f0de7af6489c1aea33d47d79c47d1844bb0099dd50d69c6829612b0bbdf5e9d0
SHA512

3e34b99878807965b6b0a47f23c2a672ee7dc1042f8b16163b738b45e3396688b7e365ad146738cb8908bf6e16c94ba9acd1b841234633b4df4be9cb1b44747d
SSDEEP

192:DADb9sUkIaFfbLlq2LPiE5CcH0iIyOHIKDZq:DADbi1fbBJriE5BuyOHIKDZq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bcc2d270f043d19652a96d76cf19ae7

Files

3bcc2d270f043d19652a96d76cf19ae7
.dll windows:4 windows x86 arch:x86

43611455af757714cc40ae52750b3f68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imagehlp

ImageDirectoryEntryToData

msvcrt

_adjust_fdiv
malloc
strlen
_initterm
free
_onexit
__dllonexit
strcat
memset
strcpy
strcmp
_strupr

kernel32

VirtualProtect
CreateThread
Sleep
WriteFile
SetFilePointer
CreateFileA
ExpandEnvironmentStringsA
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
LoadLibraryA
WriteProcessMemory
VirtualQuery
GetProcAddress
GetModuleHandleA
CloseHandle
CreateToolhelp32Snapshot
GetCurrentProcess
Module32First
Module32Next
lstrcmpiA
GetCurrentProcessId
GetSystemInfo

user32

UnhookWindowsHookEx
GetWindowTextA
GetForegroundWindow
wsprintfA
GetKeyboardState
ToAscii
GetFocus
GetParent
GetClassNameA
CallNextHookEx
EnumChildWindows
SetWindowsHookExA

Exports

Exports

?fnDLL@@YIHPAPAD@Z
_Prog_HookAllApps@8

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xShared
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43611455af757714cc40ae52750b3f68

Headers

File Characteristics

Imports

imagehlp

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 272B

xShared Size: 204KB - Virtual size: 200KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 272B

xShared
Size: 204KB - Virtual size: 200KB

.reloc
Size: 4KB - Virtual size: 1KB