2b7c6b1c0ef928c03cdf8e3e5e722405 | Triage

Sharing

General

Target

2b7c6b1c0ef928c03cdf8e3e5e722405
Size

313KB
MD5

2b7c6b1c0ef928c03cdf8e3e5e722405
SHA1

6f5fc1f9f1eb70d3178beaf96f2d2bca39b4d8d7
SHA256

e482a1cf5a0931e54c20dd2453d79deed3dc883f75cb152208d3fdef71642612
SHA512

62d9711ffea9498369e9754ed69e1b34876135eaa74020f95e6251848d34eaa7258f762afb8447f71d35211f5b73b050b33d41a259589126f6e7df6ef8f040dd
SSDEEP

6144:eA5K14o/r+O7+1RKXrHJk5UXkalaqq8+8gXmgGVyuD1G0IUJmqHafm:/K/S/2XrHJmR8NgGouRNBsqHem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b7c6b1c0ef928c03cdf8e3e5e722405

Files

2b7c6b1c0ef928c03cdf8e3e5e722405
.exe windows:4 windows x86 arch:x86

df563f2131479df67a445ffe0f452c62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
ReadProcessMemory
GetTapeStatus
GlobalLock
GetProcessHeap
GetOEMCP
DeleteAtom
ExitThread
GlobalCompact
GetProfileStringA
GetCommState
CloseHandle
ClearCommBreak
FormatMessageA
VirtualAlloc
FindAtomA
GlobalFlags
GetStdHandle
EnterCriticalSection
LoadLibraryExA
CreateHardLinkA

user32

GetForegroundWindow
ValidateRect
RegisterClassA
DrawEdge
GetWindow
GetWindowTextLengthA
GetParent
ShowWindow
EndPaint
GetDC
GetClassNameA
GetActiveWindow
BeginPaint
GetClassInfoExA
GetFocus
IsIconic
ReleaseDC
GetWindowTextA
CloseWindow

wsock32

WSACleanup
WSAIsBlocking
WSAGetLastError
WSAAsyncSelect
WSAStartup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ