LIONS KEYLOGGER PÚBLICO[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

LIONS KEYLOGGER PÚBLICO.exe
Size

3.6MB
MD5

8c2b370424781a96f6740b8c04e925ef
SHA1

fa404b1f50a559f337184e7a5f67ad832eedbe83
SHA256

4d6ecef6acd572fab29113eb45b3acecfc167f7cc3628023bfe6538467785e1c
SHA512

f6deeac969c829a527d7b3fc91e45f7c9116db2dc2fc24a2be982378ee820c420efc1dbbf84f6709d6dcfd48270765e52294903bc3680ad4a5113ff811700937
SSDEEP

24576:2OX2YGyzSDuAWjJ8o6ajjahoc+E9ajjap6K:2OX2YgQyo6ajjaGE9ajja

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
LIONS KEYLOGGER PÚBLICO.exe

Files

LIONS KEYLOGGER PÚBLICO.exe
.exe windows:4 windows x86 arch:x86

d818f0a1a11bee7c3155928cba6d5361

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord667
ord595
ord632
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord607
ord608
ord717
ProcCallEngine
ord570
ord685
ord100
ord579

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ