2a4bd4e50cfd55b0c641c02cc49097dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a4bd4e50cfd55b0c641c02cc49097dd
Size

10KB
MD5

2a4bd4e50cfd55b0c641c02cc49097dd
SHA1

b128eed3936047353afccd9f38be612b2518cfcd
SHA256

e3fee450618d8d981ff45ee28923aa8bf4fe0509c720eb133e00892e974826d1
SHA512

bedeffe123f43319b87420826a20667fe6751d920d56b4b81c2293595fd5b5848619c8a6217c8316853c6e981bde6e403ef1095c5504271c8ea9ae167c467d26
SSDEEP

192:fgwvNyb0RR6Lv8cStPCwBsOFSELTXq15FQddcvJjbaWnWy:jNyYEvgqKnSELrq15+ddcvJjbaWnW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a4bd4e50cfd55b0c641c02cc49097dd

Files

2a4bd4e50cfd55b0c641c02cc49097dd
.dll windows:4 windows x86 arch:x86

0e690f4b91baa70427301e29b4916916

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFreeEx
GetProcAddress
VirtualAllocEx
GetFileSize
GetLastError
CreateFileA
CloseHandle
WriteFile
LoadLibraryA
VirtualAlloc
CreateThread
ReadFile

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 896B - Virtual size: 885B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 288B - Virtual size: 288B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 816B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 640B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ