Static task: static1
Behavioral task: behavioral1
Sample: 2b9a38459611b421c4dc44c6ba4fc4c8.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2b9a38459611b421c4dc44c6ba4fc4c8.exe
Resource: win10v2004-20231215-en
General
Target: 2b9a38459611b421c4dc44c6ba4fc4c8
Size: 48KB
MD5: 2b9a38459611b421c4dc44c6ba4fc4c8
SHA1: 70481b3fe4e576bfe4082c28a25a612fbec40101
SHA256: 47841b7e4642309f65ed45b18d15417feb39b23ab17e654ecf9368f466086b85
SHA512: 4e90e7df5b04a4a2dd64536b2b92f2a224bbbd9c4bd412c2b003599b08be766bb5ec0b8d11d3b31e6a889e6fb0324a9efb7b684415cfdb7939e83630f97e41e8
SSDEEP: 768:UQQCJT8ua3dJplnCCKQlL1JEXpSHunFKvUMjrYr1BzFNJ61XjE:VlJTZa3dd1KQZKwHu4vUarYjXUA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2b9a38459611b421c4dc44c6ba4fc4c8
Files
2b9a38459611b421c4dc44c6ba4fc4c8.exe windows:5 windows x86 arch:x86
2670649060feb3ccf98f50d694223707
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
CryptGetHashParam
kernel32
FindNextFileW
shlwapi
PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
StrStrW
wnsprintfA
wnsprintfW
user32
CloseWindowStation
DispatchMessageA
DrawIcon
EndDialog
ExitWindowsEx
GetDlgItemTextA
GetKeyboardState
GetKeyState
GetWindowThreadProcessId
OpenWindowStationA
SetThreadDesktop
Sections
.ejgd Size: 39KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.nkh Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ibez Size: 5KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ