2e849a574460fe68874890383215794a | Triage

Sharing

General

Target

2e849a574460fe68874890383215794a
Size

152KB
MD5

2e849a574460fe68874890383215794a
SHA1

c0e59189de972798066f90d5479d07d51223deaf
SHA256

86499a027097fab79eb111648602a3a4a3544802fd0412c865a3a40df4db7009
SHA512

8cf80d4479d2262419807a1ffaa08e96b54438b388151c3bc8b38f8b2f06a2759be4dc8bf93fc336b6773b0122f8df2b9707bc352c9ccca8c3207f8b3807465e
SSDEEP

1536:oC2dJ8sPEoVT2TX5txNffVSsWq8I4OvIj5dwUVP5TEalk+hMQrZgOUgW7TFAAXWU:ocIp2TX3fVSsQOv4kUV2eU0xSZu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e849a574460fe68874890383215794a

Files

2e849a574460fe68874890383215794a
.exe windows:5 windows x86 arch:x86

8fcd196e1b8b2957baa43bc4abd20e17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
ExitProcess
GetCommandLineA
WriteFile
GetCPInfo
OpenFileMappingA
FindClose
FreeResource
GetFileType
ReadFile
GetStdHandle
FormatMessageA
HeapAlloc
GetLastError
lstrcatA
GetFileTime
CopyFileA
GetLocalTime
CreateDirectoryA
lstrlenA
DeleteFileW
ExitThread

advapi32

RegCreateKeyExA
RegCreateKeyA
RegQueryValueExA
RegLoadKeyW
RegCreateKeyExW
RegQueryInfoKeyA
RegQueryValueExW
RegEnumKeyExW

user32

GetWindowTextLengthA
EndDialog
AppendMenuA
GetWindowTextA

Sections

.gaf80
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ehhb
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c3g1g
Size: 121KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5b4ge
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ