8fdf3dc4112905e0338bcb99cf5eb1b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8fdf3dc4112905e0338bcb99cf5eb1b8
Size

24KB
MD5

8fdf3dc4112905e0338bcb99cf5eb1b8
SHA1

b167cc9dff6f1d16fbd868c39e97e9e126aed5c4
SHA256

23526ff49e3ee1a1d5a3552ba456b8a1a5bdeef2d2a5b5228f29c509162fce3b
SHA512

7d898fad16c9fcc4c8a129520c6d0d453245369530bb681bb8c3d493f99d1350e76679a1ef50947e2c5fa49331f736a31c4314be56a5980bf0c5002a342a8bf8
SSDEEP

96:wvs/eNCsyai6JP1F8WVg7t3DzXkevkNz+OqKd8xHsUGEu68BAi:wkKJPLrI3XjvkNqni88E8A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fdf3dc4112905e0338bcb99cf5eb1b8

Files

8fdf3dc4112905e0338bcb99cf5eb1b8
.dll windows:4 windows x86 arch:x86

02559500023b761d38e119f7ec6c4564

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
lstrlenA
GetModuleFileNameA
GetModuleHandleA
GetSystemInfo
GetProcAddress
WriteProcessMemory
GetCurrentProcess
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
WideCharToMultiByte
GetLastError
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary

user32

SetWindowsHookExA
UnhookWindowsHookEx
GetKeyState
CallNextHookEx
GetKeyboardState
GetWindowThreadProcessId
ToAsciiEx
GetFocus
PostMessageA
IsWindow
SendMessageA
GetKeyboardLayout

msvcrt

_initterm
_adjust_fdiv
malloc
free
_onexit
__dllonexit

Exports

Exports

DLL_GetProjectVersion
EnableAltInterception
EnableDiaryTracking
EnableNTInvisible
EnablePreHandle
GetCapsLockState
SetHook

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 474B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ