b8c998b24cf24863203f187080a52432 | Triage

Sharing

General

Target

b8c998b24cf24863203f187080a52432
Size

522KB
MD5

b8c998b24cf24863203f187080a52432
SHA1

ffbffe3a445824bffd368b43e911dc8494ce9784
SHA256

43da7992cbd6dc1fbdddcd21c101786adcc88de575198bac335118722a750f68
SHA512

4a834fc7b625752bd91f7df72791a478e55aa39a077f12253feccf4bfe8d8c0e8b0ac11d2beac5071f13e7a934edf20f7603a616627676e666f006b469c5aad9
SSDEEP

384:V1Or5NKZ2i0toA3R3Krlim4VEtxCmJhcl2DAxB1f1zdpjYYcErqZ:VMr59vKlibVexX7cl2DAx/fpdp7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8c998b24cf24863203f187080a52432

Files

b8c998b24cf24863203f187080a52432
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow

Sections

CODE
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ