6818db18eb547a96a9fd3d6c9f07a97a

Sharing

Copy URL Twitter E-mail

General

Target

6818db18eb547a96a9fd3d6c9f07a97a
Size

21KB
MD5

6818db18eb547a96a9fd3d6c9f07a97a
SHA1

936219a4b26e91cfde2a776373e538bd99bb2025
SHA256

bf23a1aec867386ac5e20b640b7a5942ad28ac217027c400fa7b8aa863063f9a
SHA512

efa68b3c9dd3df9a5f8a9346e7120bdbaca39f2376f8f0626b71dedd80622a15b3d52fbf5535e4f697eb8f3bdac2f51a8a95d94f2554121fbdad89ebfca8b42e
SSDEEP

384:6m3sl4HiOulI4h7K9OKnhqDd/sKJxRQwx/7+:6m3lWIM7nKnCxJx2wp+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6818db18eb547a96a9fd3d6c9f07a97a

Files

6818db18eb547a96a9fd3d6c9f07a97a
.dll windows:4 windows x86 arch:x86

62ebb18b42a499b8c510483dc498fc58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord3318
ord1979
ord5186
ord354
ord924
ord926
ord939
ord4177
ord2614
ord858
ord539
ord6648
ord6778
ord941
ord5442
ord6385
ord825
ord6312
ord665
ord940
ord535
ord537
ord800
ord540
ord1182
ord823
ord342
ord1253
ord922
ord1168

msvcrt

_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
wcscmp
_mbsicmp
_strupr
strstr
__CxxFrameHandler

kernel32

UnmapViewOfFile
CloseHandle
OpenFileMappingA
GetFileAttributesA
GetSystemDirectoryA
TerminateProcess
OpenProcess
GetWindowsDirectoryA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
MultiByteToWideChar
lstrlenA
MapViewOfFile

user32

GetWindowThreadProcessId
SendMessageA
GetWindowLongA
GetClassNameA
CallNextHookEx
UnhookWindowsHookEx
GetForegroundWindow
SendMessageTimeoutA
RegisterWindowMessageA
GetWindow
EnumChildWindows
SetWindowsHookExA

ole32

CoUninitialize
CoInitialize

oleaut32

SysFreeString

Exports

Exports

StartHook
StopHook

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62ebb18b42a499b8c510483dc498fc58

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 1024B - Virtual size: 4KB

.idata Size: 6KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 1024B - Virtual size: 4KB

.idata
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 1KB