2ba779ad1c45c224c4f73d80e2033c1f | Triage

Sharing

General

Target

2ba779ad1c45c224c4f73d80e2033c1f
Size

15KB
MD5

2ba779ad1c45c224c4f73d80e2033c1f
SHA1

2f3ca3722912b4b3932a321d282792b3d35c9a97
SHA256

231c472623d84c9a8fccc39d6d52976fa47952667f5fc454845129b15c3cbd00
SHA512

66f28c3513b78d0a12f84c2b2d30ef3e08414222e1c72cca4a97ad439dfe04f0ed067c9f9e919185aad4a4f8dacae3bc3e9fcd3b47648fe72af4412a7de1185d
SSDEEP

384:e8IxScnmXjJ3d4UrefchutuZGVk1jEHhVXC95OXK7e4i:szwzrZhut0G21wHh495Oa7e5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ba779ad1c45c224c4f73d80e2033c1f

Files

2ba779ad1c45c224c4f73d80e2033c1f
.exe windows:4 windows x86 arch:x86

2d6418f6ab85d3f3723b759e78bbc7a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlUnicodeStringToOemSize
RtlUnicodeStringToOemString
RtlUnicodeToCustomCPN
RtlUnicodeToMultiByteN
RtlUnicodeToMultiByteSize
RtlUnicodeToOemN
RtlUniform
RtlUnlockBootStatusData
RtlUnlockHeap
RtlUnlockMemoryStreamRegion

Sections

.DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tlss
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NewIT
Size: 512B - Virtual size: 377B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE