47834e52bea7109277e840f6589db084

General

Target

47834e52bea7109277e840f6589db084
Size

124KB
MD5

47834e52bea7109277e840f6589db084
SHA1

5411667276d5e3240dfe0a38c7e62734437fbdb8
SHA256

72684e6863961f9243385073c04833cfb86d4067ade09eca31ea10b4bd6fb51c
SHA512

8fd91d8d84cf957877d1bb59ad29dd0ba60a6b5543826d4518ef7a338a93875ccf4b9177e858b243136e1e9a8a8e071e330e7f29c64052e834bd24c8a962315d
SSDEEP

1536:KjjXeggih7zduUCmyTxoD7cg7i80ijWz/I7/pdawhC7YP/hMuIqjm/M:ozeggiSUj7P0LM7/7dx+im/M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47834e52bea7109277e840f6589db084

Files

47834e52bea7109277e840f6589db084
.dll windows:5 windows x86 arch:x86

ed8b7e0da1fd0c901882f38f8000edd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free

kernel32

LoadLibraryA
CloseHandle
OpenProcess
VirtualAlloc
GetBinaryTypeA
CompareStringA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
GetCurrentProcessId
lstrcpyA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

GetDesktopWindow
SetWindowsHookExA
UnhookWindowsHookEx
GetClassLongA
GetPropA
SetPropA
RemovePropA
FindWindowA
GetShellWindow
RedrawWindow
GetForegroundWindow
CharNextA
PostMessageA
GetWindowThreadProcessId
GetClassNameA
GetParent
GetWindowLongA
EnumWindows
GetWindow
CallNextHookEx
GetCapture

gdi32

CreateDCA
ExtEscape
DeleteDC

Exports

Exports

HOOK_Init
OSI_FunctionRequest
OSI_InstallHighLevelMouseHook
OSI_IsWOWWindow
OSI_IsWindowScreenSaver
OSI_SetDriverName
OSI_ShareWindow
OSI_StartWindowTracking
OSI_StopWindowTracking
OSI_UnshareWindow

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHARED
Size: 4KB - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 498B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed8b7e0da1fd0c901882f38f8000edd8

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 96B

SHARED Size: 4KB - Virtual size: 52B

.rsrc Size: 100KB - Virtual size: 99KB

.reloc Size: 4KB - Virtual size: 498B

.text
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 96B

SHARED
Size: 4KB - Virtual size: 52B

.rsrc
Size: 100KB - Virtual size: 99KB

.reloc
Size: 4KB - Virtual size: 498B