2ba55279a68b4718a6d56fd30f986709 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ba55279a68b4718a6d56fd30f986709
Size

49KB
MD5

2ba55279a68b4718a6d56fd30f986709
SHA1

18dd61432e31cae1b0286b68046c1ffa7dfb1771
SHA256

dea1a5d59c15b1be284c3c7994f3edcc8c0ae34383145c53b802c251ca25b2e6
SHA512

8890ef234e604171b6b3e51ca6726b22418e797852ba0d7a102084fe85585766e953da117c63efc8af06ce7ba932fb7aad435e8023d59446b083b0322653a0e3
SSDEEP

768:JK7Nitr3A1IgC+J0YSe4X/uvy6+B16ylt+txJ1FWImjV:J1t7KhC+js/+y6q6yr2b1FxmjV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ba55279a68b4718a6d56fd30f986709

Files

2ba55279a68b4718a6d56fd30f986709
.exe windows:5 windows x86 arch:x86

4f5a06b3a310e55c03a26c7630096b51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptCreateHash
DuplicateTokenEx

kernel32

LeaveCriticalSection

shlwapi

PathCombineW
PathFileExistsW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
StrCmpNIW
wnsprintfA
wvnsprintfA

user32

DispatchMessageA
GetCursorPos
GetDlgItem
GetDlgItemTextA
GetForegroundWindow
GetKeyboardState
GetKeyState
LoadCursorA
PeekMessageA
SetProcessWindowStation

Sections

.qvsp
Size: 39KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.arupwd
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jmr
Size: 6KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ