73386eb42deb5ad486317c20e913286f

General

Target

73386eb42deb5ad486317c20e913286f
Size

18KB
MD5

73386eb42deb5ad486317c20e913286f
SHA1

c58ce0e326b912a1b7b34f9f8f7990c4d6caae2c
SHA256

faa5b576f94d83357dcbde201e14f93a0712a614d8077f9e87c003b37c6d0ff2
SHA512

0b5e3204482f279d83808e09ba2f34500da6794c0c7aa668c795c5e48a44b3f7bef36b224b889f8b65efd84eb825690dd6ee6ac9fe0addbccf30fe49c98f2876
SSDEEP

384:KjANqQ/wjDfaHLg4y8SLfQWkZij1vwS31h37+:00yUN5Vk1vt7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73386eb42deb5ad486317c20e913286f

Files

73386eb42deb5ad486317c20e913286f
.dll windows:4 windows x86 arch:x86

3939f54f8e5d0a3071376dd068e5da71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

VkKeyScanA
UnhookWindowsHookEx
ToAscii
SetWindowsHookExA
MapVirtualKeyA
GetMessageA
GetKeyboardState
GetForegroundWindow
GetClassNameA
CallNextHookEx
wsprintfA

kernel32

GlobalAlloc
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpA
lstrcatA
WriteProcessMemory
WideCharToMultiByte
VirtualProtectEx
TerminateProcess
Sleep
SetFilePointer
CloseHandle
CreateFileA
CreateThread
CreateToolhelp32Snapshot
DeleteFileA
DisableThreadLibraryCalls
GetCurrentProcess
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
LoadLibraryA
Module32First
Module32Next
MultiByteToWideChar
Process32First
Process32Next
ReadFile
ReadProcessMemory
RtlZeroMemory
SetFileAttributesA

Exports

Exports

EnHookWindow
UninstallHook
sub_getmessage
sub_keyboard
sub_mouse

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3939f54f8e5d0a3071376dd068e5da71

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.bss Size: - Virtual size: 12B

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 9KB

.bss
Size: - Virtual size: 12B

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB