2e0d67799a7f6bf030e9b168fd1d6f59 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e0d67799a7f6bf030e9b168fd1d6f59
Size

28KB
MD5

2e0d67799a7f6bf030e9b168fd1d6f59
SHA1

6b728cc7ea50cda2d9bd12bfd982e9f98e059b4a
SHA256

7ea3a89bf46530a9d0a71fab8d41b8eaad8c433a7d5fe6a2ef14debaf4a88ca5
SHA512

46a07b011055f5a5403b20f33cb27662c8d01cedb7cc849506a4a999864d6ce38844143596deedcff47fc1ba18b083170adab5b26aabdcda81062bbf7531eb81
SSDEEP

384:FcdOhVf9J9NST78m3B+SCRjufwB8/HjFTjSADv:FcErbun81SCVuJ/DDr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e0d67799a7f6bf030e9b168fd1d6f59

Files

2e0d67799a7f6bf030e9b168fd1d6f59
.exe windows:4 windows x86 arch:x86

744b0f4715420f3c98b04fa9c853621c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
FindResourceW
GetComputerNameA
LoadLibraryExW
lstrcpyA
CloseHandle
lstrlenA
CreateProcessA
GetModuleHandleA
SetLastError
PulseEvent
FindClose
GetCurrentThreadId
GetCurrentDirectoryA
CreateFileW
HeapCreate
Sleep
LocalFree
GetCommandLineA
UnmapViewOfFile

user32

GetCaretPos
DispatchMessageA
DrawMenuBar
CallWindowProcA
GetDlgItem
CreateWindowExA
CreateIcon
GetDC
IsWindow
CheckRadioButton
SetFocus
FillRect
DrawEdge

rsaenh

CPSignHash
CPGenKey
CPDecrypt
CPDeriveKey
CPHashData

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kbjnprq
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE