473d428f1e45f3214eeec92990b790a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

473d428f1e45f3214eeec92990b790a1
Size

3KB
MD5

473d428f1e45f3214eeec92990b790a1
SHA1

7bfbb146d4da153b9e491697f405937a74b8543f
SHA256

13e1789ad9f142c95ac13df7cb4e93be0eb2787ebab66d80f34dd2286199ecd3
SHA512

4b227d834b4aa3f1a9940adcfd5ced2c875f5b83c6f44dbd995f9b5aadb67154612509e54aec675bc52faa5b6b141df84d36afc013cab8a2ae767c70acfd17af

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
473d428f1e45f3214eeec92990b790a1

Files

473d428f1e45f3214eeec92990b790a1
.exe windows:4 windows x86 arch:x86

9a0d68b5eca82f8ac9ae981f28d3a8d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetForegroundWindow
GetClassNameA
GetWindowThreadProcessId
GetWindowTextA
GetKeyboardState
GetKeyState
ToAscii
GetKeyNameTextA
CallNextHookEx
RegisterHotKey
SetWindowsHookExA
GetMessageA
UnhookWindowsHookEx

kernel32

GetLocalTime
GetDateFormatA
GetTimeFormatA
CreateToolhelp32Snapshot
Module32First
CloseHandle
GetComputerNameExA
CreateMutexA
GetLastError
GetModuleHandleA
ExitProcess

advapi32

GetUserNameA

msvcrt

fprintf
fflush
fopen
fclose

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_WRITE