2d4bbdabbd1765447a1769b3c59c6924 | Triage

Sharing

General

Target

2d4bbdabbd1765447a1769b3c59c6924
Size

325KB
MD5

2d4bbdabbd1765447a1769b3c59c6924
SHA1

b3903069c6054f9b363321e74db50b0a7a0074d9
SHA256

3e259a20f9b6eb8b7b5246ad69ef1925c5790097ce5f04aa0d1f67172db3c70d
SHA512

5ed1ad0f09d4cb48c1de72f4eb12c854c9cde265ead2dbcea5a236c42edd5e9a674bbe3fbc2bf9dde923df60dc4f8881b2a8729238e32a2fdc22b04793ac4b51
SSDEEP

6144:8YVAsIjl7DhpIdVmAPoEU56xGBPKK89gLGS:ksOlB+dVmAgEhcM+d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d4bbdabbd1765447a1769b3c59c6924

Files

2d4bbdabbd1765447a1769b3c59c6924
.exe windows:4 windows x86 arch:x86

e355d2e2043aa688967bb2f0434e9437

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

psapi

GetProcessMemoryInfo

ole32

CoInitialize
CoUninitialize

setupapi

SetupGetTargetPathW
SetupIterateCabinetW

user32

FindWindowExA
SystemParametersInfoA
DialogBoxParamA
GetWindowWord
GetClassInfoA
CreateWindowExA
SendMessageTimeoutA
wsprintfA
PostQuitMessage
SetForegroundWindow
EnumWindows
SetWindowTextA

kernel32

GetComputerNameW
DeleteFileA
SetupComm
GetWindowsDirectoryA
ExitProcess
FindFirstFileA
FindNextFileA
FindClose

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

imm32

ImmSetCompositionWindow
ImmNotifyIME
ImmReleaseContext
ImmGetContext

Sections

.text
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ