2eb66c3fd69daec4e28d7dc148db22e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2eb66c3fd69daec4e28d7dc148db22e8
Size

3.2MB
MD5

2eb66c3fd69daec4e28d7dc148db22e8
SHA1

62c356c66b9248430575addcae61868eacff3456
SHA256

4cdca4e7fa1d9644cdfceb9e6c3eead59f874fc5c12a08e7f3a52fa85bf2ed9c
SHA512

9357107731ed922eadc923d905ebdda19b6f5375a8b56c85c1c1638812683cf849a17620ab490f290972b134c8a78bc33f96c6f1b3c88c163c1e5d3f3514a39e
SSDEEP

49152:QL/YfmFcY4xYcxLhVZCqxbOPZy3PZBZkjmQLMCAz/gsuFqH+f1efVG8Y1J0pLuT:QL/hFtOYaLfgOZBZymQwrrgs/+fQfiS6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eb66c3fd69daec4e28d7dc148db22e8

Files

2eb66c3fd69daec4e28d7dc148db22e8
.exe windows:4 windows x86 arch:x86

acd9fa3a74cc4c1d92998e6ad62eeb8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
FreeLibrary
LoadLibraryA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ