2b83ebd7674c03c04a7f599de92cdc0b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b83ebd7674c03c04a7f599de92cdc0b
Size

452KB
MD5

2b83ebd7674c03c04a7f599de92cdc0b
SHA1

6a1750887d6acc48f709ee38735cb69e4bbc9009
SHA256

29fcf0300a1bf78144765a3b655e2216235e324ee2960c8ebe6ada3f85a689fc
SHA512

b9c42eb70db0a50babf886ca2b24e30beac3643ee8760f40c8fec8bbe559592b5beb6f80ff7a8eb361b7c24e2d55547d1627ef2217a608d9627d4505f6f1eeb7
SSDEEP

12288:trumSn+v3lk3nVtcWK+exxio4NQ6X6bhHkDoeXom/f91lxIEw:trwC32Va0oz/NHknXhT/d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b83ebd7674c03c04a7f599de92cdc0b

Files

2b83ebd7674c03c04a7f599de92cdc0b
.exe windows:5 windows x86 arch:x86

bfc54d52434f0012a6039808fb07daa5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
GetCommandLineA
GetModuleHandleA
GetModuleFileNameA
GetDriveTypeW
AddAtomA
GetProcessHeap
RemoveDirectoryA
HeapFree
CreateDirectoryA
WriteFile
CreatePipe
HeapCreate
RemoveDirectoryA
CreateSemaphoreW
IsBadWritePtr
GetFileType
SetVolumeLabelA
ClearCommBreak
FindAtomA
ExitThread
DeleteAtom
CloseHandle
FindClose
WaitForMultipleObjects

cryptui

CryptUIStartCertMgr
CryptUIWizExport
WizardFree
LocalEnrollNoDS
DllRegisterServer
CryptUIWizImport
LocalEnroll
CryptUIWizDigitalSign
DllUnregisterServer
CryptUIDlgFreeCAContext
CryptUIWizBuildCTL
WizardFree
CryptUIDlgViewContext

msrle32

DriverProc
DriverProc
DriverProc
DriverProc

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE