7616adcaad6da41fadc0962cbb67b713 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7616adcaad6da41fadc0962cbb67b713
Size

391KB
MD5

7616adcaad6da41fadc0962cbb67b713
SHA1

a05bc0f1851575cac5f73e57665f555e0e5650f7
SHA256

4c88a1c63e2e2ed790d319ed6715b5be0f739e663ba51bacc03231d554aed0ab
SHA512

34a1cf8abefab7f06667df8445e3142e5df5c9481fbec975ec318cd95969b074e28ae5483a4a2b799b099f8f83e97ecbc8d705900c45def109eeb52ff2fd95d9
SSDEEP

6144:TDQs049bqBpWZyOC2Zy3qYYoaZMh+6l+c+DOe30taMfpXuQGkFHeSXbReUvj2DF1:J049bqBv1bE6AvDOMGXCEHPX7vyDFGW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7616adcaad6da41fadc0962cbb67b713

Files

7616adcaad6da41fadc0962cbb67b713
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CriaDir
InstallHook
IsHookSet
KeyboardHookProc
MouseHookCallBack
PegaSysDir
Reiniciar
RemoveHook

Sections

CODE
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 231B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ