2b0553d82db99f5c56a6fef7b2d87882 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b0553d82db99f5c56a6fef7b2d87882
Size

18KB
MD5

2b0553d82db99f5c56a6fef7b2d87882
SHA1

9f089db3a2027ce7da833682db47175b662e42cd
SHA256

4fa33e0941a00baf51b28d643b0fc2b3075dac0da8ebb4c1aea32fbebbbbff5f
SHA512

f5dd2e1655771e07e25964b31b43ce000406fafe4dd224a3cdc75f48aa6181ef762610a91ccc2330faeecda96c2c575498fa2761ef84a170827928160f5e7ed2
SSDEEP

384:Fz7pyt78oRq9Jh1CcC5BvZ1a4DjbKdKm7K0Z:FBE785dEH5Bff2bZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b0553d82db99f5c56a6fef7b2d87882

Files

2b0553d82db99f5c56a6fef7b2d87882
.dll .js windows:4 windows x86 arch:x86 polyglot

4a5c7016f8a55183eaacea531147a4be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
InterlockedExchange
VirtualQuery
LoadLibraryA

Exports

Exports

DllInstall

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ