4f24fb79e3d867ead9a593af66ff1c70 | Triage

Sharing

General

Target

4f24fb79e3d867ead9a593af66ff1c70
Size

25KB
MD5

4f24fb79e3d867ead9a593af66ff1c70
SHA1

aa8a35a151406376066d75b2e336b4e1d5b2427c
SHA256

1ec1d90825285f536163a3d1107d2fec76463d9c240a7ffcb51cf3e256d72a57
SHA512

940896db1e9d820a3a15122ea05a93b786b82493169347a0f1761ee9fa6bcc4c486e0aa72fbeeee8e3551c07290c66f001d4418d55afc3111a13b1ff69060c3a
SSDEEP

192:ozgyAc/XDKNeX/Cc4xgkMAsNc5NwDrum5Qjb/q:ozLAtW4GAs+DUkb/q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f24fb79e3d867ead9a593af66ff1c70

Files

4f24fb79e3d867ead9a593af66ff1c70
.dll windows:4 windows x86 arch:x86

63e983f03a0069cb1ae86a6c4f9e6437

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
CreateEventA
CloseHandle
lstrlenA
WriteFile
SetFilePointer
CreateFileA
GetProcAddress
LoadLibraryA
GetLastError
FreeLibrary
FlushFileBuffers
WideCharToMultiByte

user32

GetActiveWindow
wsprintfA
GetKeyNameTextA
GetKeyboardState
ToAscii
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindowTextA

msvcrt

_adjust_fdiv
malloc
_initterm
free
memset
wcsncpy
_except_handler3
_vsnprintf
localtime
time
_snprintf
strlen

Exports

Exports

DS
HKB
UHKB

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 450B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ