2cd2e5cee32691576afa18ef50a949ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cd2e5cee32691576afa18ef50a949ad
Size

5.6MB
MD5

2cd2e5cee32691576afa18ef50a949ad
SHA1

0e3eec26ac2fb6cf65a00c72b0285f47aead9803
SHA256

36d23bbdc759b6d62cceaf031f00ca9a9aa7ce79e2cc2b724225564b71297787
SHA512

dfa5a04d8e3903eff63ba3d67d1191423e6df33a325e6fa8da5b63bf346bd16e1bce974cf4a200420dd506b4229b64c3a4c0c318541eefd51a1db2a64db35185
SSDEEP

98304:ZNTffBwdfPq3WJsH0S85ex/3h2WkEzDhalkDFeuKj:ZNT3+6mJxex/VDU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cd2e5cee32691576afa18ef50a949ad

Files

2cd2e5cee32691576afa18ef50a949ad
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 155KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wgduffkg
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tpplefms
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE