e03db84d2ad97b5d4ee31c27142e7e0c

General

Target

e03db84d2ad97b5d4ee31c27142e7e0c
Size

32KB
MD5

e03db84d2ad97b5d4ee31c27142e7e0c
SHA1

834951856f51d965841ae6a7d6b06e340be25761
SHA256

7b87758be1b1b79b3598e0224af4820e9f076932481428f520fe826a1c2c3783
SHA512

4a98c6416dbc728970b0c176fc6d21b906d1ea111ccfc5ba9a0ddb83bf58119e239156824b7d7cedad846e8a5ce40558fc4a051e6579ffb6e7930c82853422cd
SSDEEP

384:bt9QnF7hTdxf73rHAmlYKRyxiBKMoIo9Bu:btyxhTdZbHHn8Io9Bu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e03db84d2ad97b5d4ee31c27142e7e0c

Files

e03db84d2ad97b5d4ee31c27142e7e0c
.dll windows:4 windows x86 arch:x86

150066ee5fc47aa39e08508f9e2754cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetEnvironmentStrings
GetTickCount
RtlUnwind
GetStringTypeW
GetStringTypeA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
LCMapStringW
HeapAlloc
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA

user32

UnhookWindowsHookEx
SendMessageA
CallNextHookEx
SetWindowsHookExA

Exports

Exports

KBRegistwnd
KBSystemHook
UNKBSystemHook

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tgedll
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

150066ee5fc47aa39e08508f9e2754cd

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

tgedll Size: 4KB - Virtual size: 8B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

tgedll
Size: 4KB - Virtual size: 8B

.reloc
Size: 4KB - Virtual size: 1KB