abd00b62c0d02adc2ab6106098edcfb8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abd00b62c0d02adc2ab6106098edcfb8
Size

42KB
MD5

abd00b62c0d02adc2ab6106098edcfb8
SHA1

ceaec79ddb686ad110a99abc2a3a07ef6e1872cb
SHA256

ba97537dc593f0f3b565c324df8c56e97f8b69379ed66de3cfd80083d6a87130
SHA512

cc64052111dba94c761849fe986880d92c58017fba1fd30a31411668ea6e152917ce725b324ac69a12ba5d2d2bec67d7627c4e6e2c12a864b12355bb4b75deff
SSDEEP

768:0p8NF1w8mn5/Wz75/I6z601Z9xbF99WSvAt6H3yY3e3p4RtSMArqw8x:0QU4t/Rzv7VWfA7YrqRx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abd00b62c0d02adc2ab6106098edcfb8

Files

abd00b62c0d02adc2ab6106098edcfb8
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetHookMsgString
StartCBTHook
StopCBTHook

Sections

CODE
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 125B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ