macrohook[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

macrohook.exe
Size

38.0MB
MD5

66992101fa04971dbeba9108f34d95fb
SHA1

fb748df067976c2fb8e71689929af92b50b4e9b4
SHA256

8356756e691ce4be57889b69faa5379067aa0ba76f8f9e923d520d2e58e11457
SHA512

dacfaea31412dec3947dc3668ef6791d565cfab166c6fe87c8a1df1e886be5443561e1a65eadc90060b1467d255b6e0d317bdd5d2ff64dba615b5f06401fd26b
SSDEEP

786432:FAdIDo5CXv3uWo89Httu4cBl3qU3caJp8sjSV9/FSqhP:FAsXWWD9HvpG3qU3caJp8sjSV9/7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
macrohook.exe

Files

macrohook.exe
.exe windows:6 windows x64 arch:x64

8af325ad2e543d716a22299ffad48d0f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

AreFileApisANSI
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

advapi32

CryptAcquireContextW

user32

FindWindowW

ws2_32

WSAGetLastError

Sections

.text
Size: - Virtual size: 817KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: - Virtual size: 140B

_RDATA
Size: - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VcL
Size: - Virtual size: 21.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.@c(
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kJK
Size: 38.0MB - Virtual size: 38.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 422B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8af325ad2e543d716a22299ffad48d0f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

ws2_32

Sections

.text Size: - Virtual size: 817KB

.rdata Size: - Virtual size: 162KB

.data Size: - Virtual size: 3.4MB

.pdata Size: - Virtual size: 19KB

.00cfg Size: - Virtual size: 56B

.gxfg Size: - Virtual size: 8KB

.retplne Size: - Virtual size: 140B

_RDATA Size: - Virtual size: 500B

.VcL Size: - Virtual size: 21.2MB

.@c( Size: 3KB - Virtual size: 2KB

.kJK Size: 38.0MB - Virtual size: 38.0MB

.reloc Size: 512B - Virtual size: 264B

.rsrc Size: 512B - Virtual size: 422B

.text
Size: - Virtual size: 817KB

.rdata
Size: - Virtual size: 162KB

.data
Size: - Virtual size: 3.4MB

.pdata
Size: - Virtual size: 19KB

.00cfg
Size: - Virtual size: 56B

.gxfg
Size: - Virtual size: 8KB

.retplne
Size: - Virtual size: 140B

_RDATA
Size: - Virtual size: 500B

.VcL
Size: - Virtual size: 21.2MB

.@c(
Size: 3KB - Virtual size: 2KB

.kJK
Size: 38.0MB - Virtual size: 38.0MB

.reloc
Size: 512B - Virtual size: 264B

.rsrc
Size: 512B - Virtual size: 422B