dcPrevent_1_0_0_3 (1)[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

dcPrevent_1_0_0_3 (1).rar
Size

29KB
MD5

6dfae6a04251fe8efcbd01dafd5d7101
SHA1

f5acad03d304f3b7ddabbdb4687d555dec9f1835
SHA256

296e7c4dd1b873e3a55fadc7ccd99de92273d48d298e24ffaf5e08afa9cbe0ab
SHA512

5abd0938ad526f3341d584b480ace01ce4bbd70cb37e8c444a6c986507b8134e8092979e863619dd4d004244acdd5f17fdce103804e254afabfb1605e0847ea5
SSDEEP

768:GC5TwJ7erJk5VSMs13Gq/2cHkEjhly842T7D:Z5MJ79Hscq/2cEGTy84+X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dcPrevent_1_0_0_3/Gma.System.MouseKeyHook.dll

Files

dcPrevent_1_0_0_3 (1).rar
.rar
dcPrevent_1_0_0_3/Gma.System.MouseKeyHook.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\PC\Desktop\globalmousekeyhook-vNext\MouseKeyHook\obj\Debug\Gma.System.MouseKeyHook.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dcPrevent_1_0_0_3/dcPrevent.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

43:3c:f3:9a:20:4e:3e:9b:4b:0f:d1:f4:cd:2b:f1:8c
Certificate

Issuer

CN=DESKTOP-AUNIEUB\\zohay

Not Before

29-03-2021 22:50

Not After

30-03-2022 04:50

Subject

CN=DESKTOP-AUNIEUB\\zohay

50:75:49:08:a1:5c:32:cd:a8:49:0c:1f:57:4e:34:da:65:84:6a:7d:9f:fe:9b:85:b0:e5:cb:71:b7:d5:4c:3d
Signer

Actual PE Digest

50:75:49:08:a1:5c:32:cd:a8:49:0c:1f:57:4e:34:da:65:84:6a:7d:9f:fe:9b:85:b0:e5:cb:71:b7:d5:4c:3d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\zohay\source\repos\right click dcprevent\dcPrevent\dcPrevent\obj\Debug\dcPrevent.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 335KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 36KB - Virtual size: 34KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

43:3c:f3:9a:20:4e:3e:9b:4b:0f:d1:f4:cd:2b:f1:8cCertificate

50:75:49:08:a1:5c:32:cd:a8:49:0c:1f:57:4e:34:da:65:84:6a:7d:9f:fe:9b:85:b0:e5:cb:71:b7:d5:4c:3dSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 335KB - Virtual size: 334KB

.rsrc Size: 1024B - Virtual size: 956B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 36KB - Virtual size: 34KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

43:3c:f3:9a:20:4e:3e:9b:4b:0f:d1:f4:cd:2b:f1:8c
Certificate

50:75:49:08:a1:5c:32:cd:a8:49:0c:1f:57:4e:34:da:65:84:6a:7d:9f:fe:9b:85:b0:e5:cb:71:b7:d5:4c:3d
Signer

.text
Size: 335KB - Virtual size: 334KB

.rsrc
Size: 1024B - Virtual size: 956B

.reloc
Size: 512B - Virtual size: 12B