2050b933a6fe583f9c68488d2f2fda53 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2050b933a6fe583f9c68488d2f2fda53
Size

29KB
MD5

2050b933a6fe583f9c68488d2f2fda53
SHA1

a869f7b3f4ea3d0500e459644e8d120e601f15b3
SHA256

0dbbeecb4643cc8397d92dd8f4e7e7227c64eeac588f64307cf56b5909320430
SHA512

e30510db8dfecbf7fd13625ce71f5ac6da1c82af366e77e669248f525877c97160d862d486bf9c4e83fa14362ed7e8129e34667fa8b9abfb6bf61de6f4ac6003
SSDEEP

768:bvUjTFmlCoR0fMNma529uL7E7EfGywr/P:IjTmCO5UaH7BerH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2050b933a6fe583f9c68488d2f2fda53

Files

2050b933a6fe583f9c68488d2f2fda53
.exe windows:4 windows x86 arch:x86

ac9eb1085b6eee2907a6ad89926cf94d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

shell32

SHGetSpecialFolderPathA

Sections

CODE
Size: 21KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE