2ce6f9df41aed03c4a875dc3a4735798 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ce6f9df41aed03c4a875dc3a4735798
Size

207KB
MD5

2ce6f9df41aed03c4a875dc3a4735798
SHA1

e7cc85a473f3a60b2be69f7856177e5faa0b677b
SHA256

e4ba009c8955ffaf14a4445b2e174a4c6ab56dc8bf5f96620ab410e8eac21582
SHA512

97c9a13819d25392954763ea75248ea41c2898a609e5f60a554fa5bcab82122068fc690846ba1062e7bebab6c800158592f2eafcc8fbb0b27c1e6c74619a0c30
SSDEEP

3072:bsQgGGAy6CG82ZEv7uumQ7dvLwmeMpLag4FEB/xea8JHrCKzTepmbCSY/:bs6GVY82ZluvvcvMpL2+wJHDTqUCSq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ce6f9df41aed03c4a875dc3a4735798

Files

2ce6f9df41aed03c4a875dc3a4735798
.exe windows:4 windows x86 arch:x86

862fd64be77213020e79ef1fef4d1de7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
GlobalAddAtomA
GlobalFree
LoadLibraryExA
VirtualProtect
SetErrorMode
SetConsoleCP
GetStdHandle
GlobalDeleteAtom
GetDriveTypeA
EnterCriticalSection
GlobalUnlock
HeapCreate
GetACP
InterlockedExchange
Sleep
CloseHandle
GetLastError
GetLocaleInfoA
RaiseException
FoldStringA

user32

GetCursorPos
GetWindowTextA
ShowWindow
GetFocus
CharToOemBuffA
ClipCursor
GetWindow
ReleaseDC
IsIconic
BeginPaint
DrawEdge
EndPaint
DrawTextA
GetActiveWindow
ValidateRect
GetMenuItemInfoA
SetForegroundWindow
GetParent
GetClassNameA

version

GetFileVersionInfoSizeA
VerInstallFileA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 752KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ