2bbea84a1e83fdc8a2c37bca6f669842 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bbea84a1e83fdc8a2c37bca6f669842
Size

72KB
MD5

2bbea84a1e83fdc8a2c37bca6f669842
SHA1

160a3c1da3213dda9f0091804f4fc4116fceb644
SHA256

a2157e983b2ad7cd06d1003fffb4ff6ab81ab2214bdf2129e29856bec1480937
SHA512

1b4ab9d45d7d6ef23e1488a17fffc3b3cbd631375d9203ed5ae4e805d0b172675a22bc31b16894d2564869cb36a2b6e13c461a6b0ec6e4128a9af4d254d6696e
SSDEEP

1536:K5rcGSW/kDGyYtYqqddZQKUVit2RcY7rS0W:HGnkDGyaYqgn2RcE3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bbea84a1e83fdc8a2c37bca6f669842

Files

2bbea84a1e83fdc8a2c37bca6f669842
.exe windows:4 windows x86 arch:x86

09ba7b873da4b4f2e4613df28e48732a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
FileTimeToSystemTime
FlushFileBuffers
GetACP
GetCommandLineA
GetCurrentDirectoryA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetStringTypeA
GetVersion
GetVersionExA
GlobalUnlock
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
OpenProcess
RtlUnwind
SetEvent
SetFilePointer
SetLastError
SetThreadAffinityMask
SetUnhandledExceptionFilter
WideCharToMultiByte

user32

TrackPopupMenu
SystemParametersInfoA
ScreenToClient
IsDialogMessageA
GetSysColor
GetParent
GetDlgItemTextA
FindWindowA
DrawEdge
DefFrameProcA

ole32

CoCreateGuid
CoCreateInstance
CLSIDFromString
StringFromGUID2
CoTaskMemAlloc

advapi32

InitializeSid
LsaICLookupSids
RegSaveKeyA
AllocateLocallyUniqueId

olepro32

OleLoadPicture
OleIconToCursor
OleCreateFontIndirect

Sections

.text
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ