Static task: static1
Behavioral task: behavioral1
Sample: 2880ed799167b7869e6e283456e72ad7.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2880ed799167b7869e6e283456e72ad7.exe
Resource: win10v2004-20231215-en
General
Target: 2880ed799167b7869e6e283456e72ad7
Size: 165KB
MD5: 2880ed799167b7869e6e283456e72ad7
SHA1: 549f47b4b7b781c553964a061e9445a37fb8411f
SHA256: 24d387ea77ef1dc25adc2b89672e2b898da88712727adafa17507b5e3121e0dd
SHA512: 78e03b0b32bf95b707cfd10ffbf18635c88e61fb5aad9407f4b2760d8034965322736fb8550412181d761129e6849c8b1cd52e540182061dc9a1049aecdebbe9
SSDEEP: 3072:ISJACOcHZucJ2RzRbWpJMG9I6K9A1nxYelrjBeaThB7vJl4J3:1dOc5ucgzRbWXvUeFwaX/4R
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 2880ed799167b7869e6e283456e72ad7
Files
2880ed799167b7869e6e283456e72ad7.exe windows:5 windows x86 arch:x86
7b24551a7ba8a4f445b001bb9b19730a
Headers
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
user32: RedrawWindow, IsCharUpperW, LoadImageA, GetWindowDC, DestroyWindow, GetLastActivePopup, InsertMenuItemW, DrawFrameControl, wsprintfW
shlwapi: ChrCmpIW, UrlEscapeA
msvcrt: _controlfp, _wtoi, __set_app_type, __p__fmode, __p__commode, memset, _amsg_exit, realloc, _initterm, _ismbblead, wcstod, _XcptFilter, _exit, _cexit, atoi, __setusermatherr, __getmainargs
gdi32: CreateDIBSection, GetStockObject, GetTextMetricsA, Polyline, GetBitmapBits
kernel32: lstrlenA, LoadLibraryA, GetShortPathNameW, GetModuleFileNameA, UnmapViewOfFile, SetErrorMode, GetModuleHandleA, GetModuleHandleW, lstrcpyA
Sections
.text (Size: 27KB, Virtual size: 26KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.ort (Size: 2KB, Virtual size: 2KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data (Size: 137KB, Virtual size: 393KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE