2d8adb24c1ed7f18175cc0eca9c78e7e | Triage

Sharing

General

Target

2d8adb24c1ed7f18175cc0eca9c78e7e
Size

207KB
MD5

2d8adb24c1ed7f18175cc0eca9c78e7e
SHA1

5ce2636206b2f413e5cc656ddcc91c1f6bc541dc
SHA256

21310a86153630010c5ddf7ab9dea18daa33e3a679a10f30e5d18e0def14b847
SHA512

2130eed914ba6b22bf12fdb03e8be401a1e187e8d6ea7333ac7f19c64345f5d646d35a9b1c0c1ef47703137a217ec12fd92582584997bc6413df8980ec71328e
SSDEEP

3072:+IUxnH95Fty3NIbXUlggASMsLs+wFIAG/8Tf3lKEGqqik7k0seGtyhwaFJh3WyQx:mduIbXkNHRwXG0T3sEGqk7k0FGuwpH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d8adb24c1ed7f18175cc0eca9c78e7e

Files

2d8adb24c1ed7f18175cc0eca9c78e7e
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

_STWNDCloseConnection@4
_STWNDDeleteStateItem@4
_STWNDEndOfRequest@4
_STWNDGetLocalAddress@8
_STWNDGetLocalPort@4
_STWNDGetRemoteAddress@8
_STWNDGetRemotePort@4
_STWNDIsClientConnected@4
_STWNDSendResponse@24

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.qnk
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE