2d4dab03563e0f0a3ec69a70e60db250 | Triage

Sharing

General

Target

2d4dab03563e0f0a3ec69a70e60db250
Size

133KB
MD5

2d4dab03563e0f0a3ec69a70e60db250
SHA1

f600231bdd814bc417c01dd871770f59a289874d
SHA256

9eacaaa0fe9bd45b5cc42ad887a462de7798b0c8f18e045fc94d35fe01cbbb2b
SHA512

fe26419681ed155734d086fc9fc564c2d7779321c0c4ef5e5673c437fdf6330f169c77aeaee2e715abfa9939c77a0a85fa5e91a695e64b34202aa2833a164c4e
SSDEEP

3072:qnpc6QQivfiPiOTGWpVBDKy+xLG2KbwA0L+efw696LN:qpc6eHobTTBDKPK/efwm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d4dab03563e0f0a3ec69a70e60db250

Files

2d4dab03563e0f0a3ec69a70e60db250
.exe windows:5 windows x86 arch:x86

4afd4e5f01c07b2143f83d6f6603a401

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpLogicalW
PathCompactPathExA
StrCmpNIA

kernel32

GetSystemDirectoryA
lstrlenW
GetModuleHandleW

Exports

Exports

?CoolerOptions@[SXH_KK]V
?GetImpersunt@[SXH_KK]V

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xsys
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ