2d257f8ae3898e8ab68726d9008f4474 | Triage

Sharing

General

Target

2d257f8ae3898e8ab68726d9008f4474
Size

3.6MB
MD5

2d257f8ae3898e8ab68726d9008f4474
SHA1

61428a36b6dc175ea104c3c9f42a1ba75334df31
SHA256

387ac937bb42cb24530a24a9bd7ab55321eea9bc2f965c62d3ecba8d61e5d26c
SHA512

0cfad75ed7d12a6a49c6f361cadbbe6260aa83b1eacef0959edab2744bee505de4d27646611197b0518a0c4ce7d8ad2505faa511ae96cd91c598382377acceb0
SSDEEP

98304:cB8GZY2Rf6ts+WY51CMrT9hwq8XC0z27ZFsZiLvp:caGZdRf6Hv5U6v8XC2EsZkv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d257f8ae3898e8ab68726d9008f4474

Files

2d257f8ae3898e8ab68726d9008f4474
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.1MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 669KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

luthafeh
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nmpbpgke
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE