2480b415ab2ae7765cb311fcc3d8af16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2480b415ab2ae7765cb311fcc3d8af16
Size

41KB
MD5

2480b415ab2ae7765cb311fcc3d8af16
SHA1

524d5207588554a3a803833a596cd3f545ec01ae
SHA256

8accdc33b84379eded86c8d88287bb792304167dc9e7bae8ad69f47c22f8a4c2
SHA512

c56453e70eb5e078bae5ea78509beaf13b5e7e1dbb792dcd818931a3cfdf86e67e13558938d4ed770115d43b3d5255f8abdba69bc3d2baf95b0e7126d2a253b8
SSDEEP

768:iKNATnuE04rly6Mo0AipFzGN26HNSYimpG/544hY6bloW6NDNh:iKanrb5C/AiXGsmw/51hbloWeT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2480b415ab2ae7765cb311fcc3d8af16

Files

2480b415ab2ae7765cb311fcc3d8af16
.exe windows:5 windows x86 arch:x86

2a7e2418be8a09fc671a0ee84b34f19e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
ExitProcess
lstrcmpiA
VirtualProtect
IsBadReadPtr
GetProcAddress
LoadLibraryA
CreateThread
GetModuleHandleA

user32

MessageBoxA
DefWindowProcA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
SendMessageA
KillTimer
GetMessageA
DispatchMessageA
TranslateMessage
SetTimer

Exports

Exports

func1
func2
start

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 838B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ