6d93bedb6281cdc95dacceda76b9ede0N[.]exe

General

Target

6d93bedb6281cdc95dacceda76b9ede0N.exe
Size

32KB
MD5

6d93bedb6281cdc95dacceda76b9ede0
SHA1

585e7c11e5222c43d3b0596498352ca0316e6eca
SHA256

bb4d6a4ebb55f7c7f81a5e83ebb58e45815d02bf1d7db4268e79d6458e0b6cb3
SHA512

308ec18e2978e99fcad3f3b591a9613751f9544f676f04a63744b07ea7d4370e3ec72cbbe7f4261422d4ade272a34e2fd78e08698d536641aa9fb8614c983f6e
SSDEEP

384:0OO3ICNTpnZOaxgxZkEH0QmlUniym6l7sBpal4oIo9+R2:0NICNTpAnZl0HxalBIo9j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d93bedb6281cdc95dacceda76b9ede0N.exe

Files

6d93bedb6281cdc95dacceda76b9ede0N.exe
.dll windows:4 windows x86 arch:x86

02839748eb92636c238b10e0d88f81db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetFocus
GetKeyState
IsWindow
SendMessageA

kernel32

WideCharToMultiByte
FreeEnvironmentStringsW
RtlUnwind
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
LoadLibraryA
MultiByteToWideChar
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress

Exports

Exports

EnablePreHandle
GetCapsLockState
SetHook
SwitchLayot

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02839748eb92636c238b10e0d88f81db

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.shared Size: 4KB - Virtual size: 24B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.shared
Size: 4KB - Virtual size: 24B

.reloc
Size: 4KB - Virtual size: 1KB