2ef5b0c5dbf4f0803cb2dafd92b3b75e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ef5b0c5dbf4f0803cb2dafd92b3b75e
Size

789KB
MD5

2ef5b0c5dbf4f0803cb2dafd92b3b75e
SHA1

c4ee42d080389426bb4ef9430e27d75bd755f476
SHA256

9cb897b590223eb20f7b4943a6b1c8877aa9407472863dc65a700c184f41d620
SHA512

c43963ec4e0d4c8f2230a451a6c03dce310e92d14bf5dc6b661a924c0f82b2c7efb21483ac91cf15cc6f0af97007f67c228757a1b28cc0d74d3d76ccd2bb0a15
SSDEEP

12288:x/cxB2ybCzSUn/nr5UfKddqWiWllT3yxsw8Ugjfn:xkH2ymuMj5UfKWulZMNiv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ef5b0c5dbf4f0803cb2dafd92b3b75e

Files

2ef5b0c5dbf4f0803cb2dafd92b3b75e
.exe windows:4 windows x86 arch:x86

41a19ac947d2f97a1928659464b28c5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
FindResourceA
GetCurrentThreadId
GetStdHandle
CreateMutexA
GlobalUnlock
SetEnvironmentVariableA
SetLastError
LoadLibraryExW
lstrlenW
ReleaseMutex
HeapCreate
CloseHandle
LocalFree
GetModuleHandleA
TlsGetValue
CreateFileA
DeleteAtom
VirtualQuery
GetPriorityClass

user32

CopyRect
CallWindowProcA
GetCaretPos
GetIconInfo
DispatchMessageA
FillRect
GetDlgItem
DrawEdge
SetFocus
IsWindow
CheckRadioButton
DrawMenuBar
GetDC

ntshrui

IsPathSharedA
SetFolderPermissionsForSharing
GetNetResourceFromLocalPathA
IsPathSharedW
GetLocalPathFromNetResourceA

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 766KB - Virtual size: 768KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ