75fa2c647f8719623336803997f1e01a | Triage

Sharing

General

Target

75fa2c647f8719623336803997f1e01a
Size

14KB
MD5

75fa2c647f8719623336803997f1e01a
SHA1

ff259809dfb1730f0094aec2b374f5fef700aa15
SHA256

941c2d0493cec3a8ded05c398755ec6d9499f772d25ed8111ef9607763ceb796
SHA512

b8aa588364f30294e1f1bc2412c1a165923e92437935a618e610abbadeefaceb392d5b2906f2d8f4c31c88b39dc89728ef75a5977a81337c09523750241b0fec
SSDEEP

384:UTNWypmsXth+ZeXpQUqFzJUTpW/6fveG:kWRmthLZQU+ANfm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75fa2c647f8719623336803997f1e01a

Files

75fa2c647f8719623336803997f1e01a
.dll windows:4 windows x86 arch:x86

b2c5c4d704be8b1739747aeaa98acd35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

mfc42

ord5307

msvcrt

??1type_info@@UAE@XZ

user32

CallNextHookEx

advapi32

RegQueryValueExA

ole32

CoInitialize

oleaut32

VariantClear

urlmon

URLDownloadToFileA

Exports

Exports

?DelHook@@YGHXZ
?SetHook@@YGHXZ

Sections

.text
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE