a187fe3ccdd09a555077f763fff0651a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a187fe3ccdd09a555077f763fff0651a
Size

40KB
MD5

a187fe3ccdd09a555077f763fff0651a
SHA1

b924bbbde3870bffb3a067a8fd275a76415d6efd
SHA256

3bccbfb972be0483fc4df7b3a9e93c120e3f8fd66ee1fbe713c01748daabd930
SHA512

1cbc278bb7215d50062b25cdba5ca1a7a05a937119f0990d6533132519e70d2a82c9567bcf773913d969026207ce82669135d28acf5da4f37d618b5426c01377
SSDEEP

768:t+QqD1szDwKAkb6YUqKRlfhheFivQo0EpK42Z944wkhHCsTX:AQqD1ssyUXBhek0X8xWX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a187fe3ccdd09a555077f763fff0651a

Files

a187fe3ccdd09a555077f763fff0651a
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GETHOOKRECPOINTER
KEYBOARDPROC
STARTKEYBOARDHOOK
STOPKEYBOARDHOOK

Sections

CODE
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ