2f052bb2662d61492c29129875e97c6ed333983094179faa882f3c71cc29ee5a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f052bb2662d61492c29129875e97c6ed333983094179faa882f3c71cc29ee5a
Size

6KB
MD5

231069445d7b97b5eab7b0b7e9681df9
SHA1

3ac03fc9f71882e3d3b2ff22c9ce909c82f5f1c6
SHA256

2f052bb2662d61492c29129875e97c6ed333983094179faa882f3c71cc29ee5a
SHA512

ef7d5210d414f152a8b17f26c56a96d87eb29e878c1ae4e32a923e43745e1922afddc2aede4cc4f3965c8a50c2b75b54a2184a449dbc44e484070feb3ddc9e95
SSDEEP

48:SNtbt0S4FVgCp471Ib4Fc/38+N7DYocHa23WlTpebVetFygFI5a2oxdVoZiG/9uW:u0mIGnFc/38+N4ZHJWSY9FI5Wqgx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f052bb2662d61492c29129875e97c6ed333983094179faa882f3c71cc29ee5a

Files

2f052bb2662d61492c29129875e97c6ed333983094179faa882f3c71cc29ee5a
.exe windows x64

7c5f9b19847a4e36080308f0e2c5add5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualAlloc
GetModuleHandleA
GetProcAddress
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CloseHandle
VirtualFree
GetProcessHeap
CreateFileMappingW
MapViewOfFile
OpenProcess
UnmapViewOfFile
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 790B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ