2b49c886a04776878022ffa37707afc7 | Triage

Sharing

General

Target

2b49c886a04776878022ffa37707afc7
Size

3.3MB
MD5

2b49c886a04776878022ffa37707afc7
SHA1

158620ac0bddaac631030538295d8e07241b25ac
SHA256

dd0c288612756c5623b4451f6ae1a4c541855c4c9f4ea7c73d1dfee0e150a639
SHA512

e1503fc8f20fda09d67822b4f54063478f38705ea8ccb850acc7db935796c8a7cb09df9cb5604827ce43b1d97a88176815aafc4a157a80f4ebf5e517daacc4c4
SSDEEP

49152:W+27Qj43Xabf40l4tljccxqL1IIyYdCl6huc0FhVov06v50XnGfz99QXlQYGRYkv:vhj6q7clzxqa7OUboeXQn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b49c886a04776878022ffa37707afc7

Files

2b49c886a04776878022ffa37707afc7
.exe windows:4 windows x86 arch:x86

6645b80c67565d2c63cfeec23c354ba4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
GetDlgItem
EndPaint
IsWindowEnabled
SetWindowLongA
PostQuitMessage
SetForegroundWindow
ShowWindow
ScreenToClient

kernel32

GetModuleHandleA
GetStartupInfoA
WriteFile
ExitProcess
GetProcessHeap
HeapAlloc
GetTickCount
GetSystemDefaultLCID
GetCurrentThreadId
GetCurrentProcess
GetCurrentProcessId
GetCommandLineW
GetModuleHandleW
GetVersion
GetUserDefaultLangID
GetSystemDefaultLangID
GetCurrentThread
GetCommandLineA

Sections

.text
Size: 712KB - Virtual size: 712KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 826B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 394KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ