Static task: static1
Behavioral task: behavioral1
Sample: 2b06809029752839ca2e8cf4da1ae924.exe
Resource: win7-20231129-en
General
Target: 2b06809029752839ca2e8cf4da1ae924
Size: 60KB
MD5: 2b06809029752839ca2e8cf4da1ae924
SHA1: 001489576fd6eae2ffa638cae1f756c5c228fd13
SHA256: 56b876e0fb72608d9464831e7a4bf1722b02450639f3fd5d32f78c4b3e16893c
SHA512: b4e88a699c7d3f7e5edb34546c4cf178bb659bfc764aab675db1a2d7b9806f980824ca6c5e2edc739107754fe5aa74861f2d3ee1ca5c56b26ff8501b9b6742cd
SSDEEP: 1536:BWpLS7+ZSut4oxa1N/oZ8GQ/9d+M/vfgQR:IpW7aVt+Ag9dbfgQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2b06809029752839ca2e8cf4da1ae924
Files
2b06809029752839ca2e8cf4da1ae924.exe windows:4 windows x86 arch:x86
a5a77878d7bca2ae42940e78899b7199
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLongPathNameA
HeapFree
GetSystemInfo
SetConsoleCursorMode
GetWindowsDirectoryA
DeleteVolumeMountPointA
lstrcmp
IsBadHugeWritePtr
IsBadHugeWritePtr
DisconnectNamedPipe
GetCommandLineA
ExitProcess
GetStartupInfoA
Sections
atsec0 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
atsec1 Size: - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
atsec2 Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
idata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.atsec3 Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ