Static task
static1
Behavioral task
behavioral1
Sample
2ea059cb1d1260219925633443b56874.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2ea059cb1d1260219925633443b56874.dll
Resource
win10v2004-20231215-en
General
Target: 2ea059cb1d1260219925633443b56874
Size: 208KB
MD5: 2ea059cb1d1260219925633443b56874
SHA1: 7ecb378d654fdbde7f222aa0d55b6754965c7c3e
SHA256: e30e79ee81f47d301a214f555bd81f172080320a9290beccb2665172a327a4fb
SHA512: 946f13d6d6d6bcb49c8c32a56cd206a783e6d8cad35bbd0cd58f66098ba58854c2b198280604f17d37ed67588a2d8d15c94df9f869719cfdec86ae54133b017c
SSDEEP: 3072:h9IXH8UYInayZr1UGs4p5/xBtjNefef6b2WnoV97XGQvuo0Ka:vcna4rXpBxbNeGInw97XGtv/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2ea059cb1d1260219925633443b56874
Files
2ea059cb1d1260219925633443b56874.dll windows:4 windows x86 arch:x86
df8b8e438d2e2d4ccc3948506c73461c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetModuleHandleW
GetLastError
SetLastError
GetCommandLineA
user32
LoadCursorFromFileA
ScreenToClient
ShowCursor
gdi32
CombineTransform
CancelDC
GetMapMode
winspool.drv
DeviceCapabilitiesW
msvcrt
_adjust_fdiv
_exit
_controlfp
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_XcptFilter
__p__commode
__p__fmode
__set_app_type
_except_handler3
Sections
.text Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 188KB - Virtual size: 184KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 466B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ