ab077bf5ab668d64922f321b70802c1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab077bf5ab668d64922f321b70802c1a
Size

24KB
MD5

ab077bf5ab668d64922f321b70802c1a
SHA1

1f7cd23c911fd0dda63b2247b07eee7f75becb0d
SHA256

2fd5d3e58b572aa9de99b79c7b3ce4a0be5a7ea2cf7d4794b7feda141c5aa996
SHA512

d56406b18b14e3ccd0bd3d73f9a41172d851543372fb3189677be0d65faa1fe52a8e2210dbc4c0d63a1d878c578c3c03c472b21aea471666efc51ccb7dc8f449
SSDEEP

48:OEPqshp20rVy95IlkL72PtJc5bGqJI1soE4k4+246CZYAXHxd2MlZ:nP5k0Jy9XKPtCVG9sOk4+xHxcS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab077bf5ab668d64922f321b70802c1a

Files

ab077bf5ab668d64922f321b70802c1a
.dll windows:1 windows x86 arch:x86

0fcef9e6f58fe01fab330f8e5582d761

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

CallNextHookEx
SetWindowsHookExA
MessageBoxA
FindWindowExA
GetActiveWindow
GetWindowTextA
UnhookWindowsHookEx

kernel32

GetWindowsDirectoryA
GetProcAddress
CloseHandle
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
WriteFile
VirtualProtect
GetModuleHandleA
SetFilePointer
LoadLibraryA
CreateFileA

wininet

InternetReadFile

shell32

StrStrA

Exports

Exports

MHook
MUnHook

Sections

CODE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ