d37068a7ad03e49a18cd8efa3bdcf494 | Triage

Sharing

General

Target

d37068a7ad03e49a18cd8efa3bdcf494
Size

5KB
MD5

d37068a7ad03e49a18cd8efa3bdcf494
SHA1

93a140c046f55a138e0648c70b9e2539665908d4
SHA256

79e47193ae8f62f7f1bcc36173daa64db22ac972bc93665fce7f8eb5ddcdf179
SHA512

69845eac336e66507c2de955b0a7d0da173f096e1a315d188419dd3791e7914a5d8b1aa80ec1a3d0ff75d67578394fff1c31ac5e225f72a4425e5f2c49b04618
SSDEEP

96:Z1G2ViRa7xPYNtiTx+A+4QcOhjevKEMM:1ikNP7Zshyy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d37068a7ad03e49a18cd8efa3bdcf494

Files

d37068a7ad03e49a18cd8efa3bdcf494
.dll windows:1 windows x86 arch:x86

50b67f218142415549e0fa16536cdb32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteProcessMemory
ReadProcessMemory
GetModuleHandleA
GetProcAddress
CreateThread
Sleep
lstrlenW
lstrlenA

user32

SetWindowsHookExA
CallNextHookEx

Exports

Exports

A

Sections

.data
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 334B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ