Static task: static1
Behavioral task: behavioral1
Sample: 2ac4115e1fe2645fa4b7af74dfe20f17.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2ac4115e1fe2645fa4b7af74dfe20f17.exe
Resource: win10v2004-20231215-en
General
Target: 2ac4115e1fe2645fa4b7af74dfe20f17
Size: 100KB
MD5: 2ac4115e1fe2645fa4b7af74dfe20f17
SHA1: c3585570c4e8cef622509444555f5582d888a4ae
SHA256: a7a8944740f9ee7f1aaebc3f40092336fdd3526148236cd8fbaa977c948492b9
SHA512: 0bdc9714886cc249c22db62153509cf8673477fe31a67e9f6dae45ea2d70ae9a818f2be142aae6dcb23317cde5646391acede8e56f18a8b24baafce1edd76b78
SSDEEP: 3072:zxqt38pn27pMWZ+mNt4IO+UONZ6N0IJE6u2V5W:wx881Tgmkn+UUQ5E6zV
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 2ac4115e1fe2645fa4b7af74dfe20f17
Files
2ac4115e1fe2645fa4b7af74dfe20f17.exe windows:4 windows x86 arch:x86
34ceafcc0983e390d6d5521ac27b3c07
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LeaveCriticalSection
DeleteCriticalSection
GetEnvironmentVariableA
DuplicateHandle
lstrcatA
LoadResource
GetLocaleInfoW
VirtualLock
PulseEvent
LoadResource
GetNumberFormatA
GetNumberFormatW
GetEnvironmentStrings
GetStringTypeW
lstrcatA
HeapCreate
user32
CheckDlgButton
GetMessageA
PostMessageA
LoadCursorA
PostThreadMessageA
ToUnicode
DrawTextA
UpdateWindow
gdi32
CreateDCA
SetBkColor
SetDCPenColor
RemoveFontResourceA
GetCharWidthA
GdiConvertPalette
EngMultiByteToUnicodeN
Chord
GdiConvertFont
FloodFill
FlattenPath
GetBitmapBits
Sections
CODE Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1024B - Virtual size: 897B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 64B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ