2cb518769cccacfc2f0df52fb74fe9a7ad963828828aaa5fa8e30d8e816fe2b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cb518769cccacfc2f0df52fb74fe9a7ad963828828aaa5fa8e30d8e816fe2b8
Size

5.3MB
MD5

2aaddc513755a785a241cbf448fd73e4
SHA1

2812a1287ee1954f1c1ed70d613373bf7556d333
SHA256

2cb518769cccacfc2f0df52fb74fe9a7ad963828828aaa5fa8e30d8e816fe2b8
SHA512

d0704a30657fa74b39abf771d9de1fb2178a6dfbe17dcf5e3d3e7a0c07e47663994d5aa0025cc6ba8928360d55c03d8abb0d797adf17756951850d383fe73ebf
SSDEEP

98304:SEesebVBw5+YYJoEjMfiSZGyKtEEVhpfHoTWNK6ALhVbvvaqsTZshXfU:SHR25+uNLQHtd7VoTEK1hZv5sTZsh8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cb518769cccacfc2f0df52fb74fe9a7ad963828828aaa5fa8e30d8e816fe2b8

Files

2cb518769cccacfc2f0df52fb74fe9a7ad963828828aaa5fa8e30d8e816fe2b8
.exe windows:4 windows x86

c4d1f5a193b3592633b5c924730d7a75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

LoadStringW

shell32

SHGetSpecialFolderPathA

ole32

CoCreateInstance

gdi32

DeleteObject

comctl32

InitCommonControlsEx

wininet

InternetOpenA

gdiplus

GdipSetClipRegion

atl

ord42

shlwapi

PathRemoveFileSpecW

crypt32

CryptStringToBinaryW

msimg32

AlphaBlend

oleaut32

VariantTimeToSystemTime

Sections

.text
Size: 5.3MB - Virtual size: 10.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE