2bdea5de0a77657120c2972e376defbc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bdea5de0a77657120c2972e376defbc
Size

751KB
MD5

2bdea5de0a77657120c2972e376defbc
SHA1

44aaa49a17e9d502e878cc235e767aeb6abd983f
SHA256

2810cd20453df0e3edbd5a1a433fdfbbb97aa15bb5aa09c36ee360c09c4f9726
SHA512

3b10a2afc91ba794e219bc57d90e0fed164a1664c9c88a223e38265f527d5c45a96499c27a4d64d20bb77a6ae8e0e6f755300320baaf063a53cdef20ba24f188
SSDEEP

12288:CCY8H58I6TVtx+2kKtPh/4qZDiv+HQ7CQZS9LQVD/rJeIQpkm9Nfb6XxLcPL:Ch258Tx+1KtPhDICQMaHi5fWU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bdea5de0a77657120c2972e376defbc

Files

2bdea5de0a77657120c2972e376defbc
.exe windows:4 windows x86 arch:x86

1b73258aea8d6d957484665c26eab791

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableW
GetFileAttributesA
CreateMutexA
GetTickCount
GetStartupInfoW
RemoveDirectoryA
HeapCreate
CreateFileA
HeapSize
WaitForSingleObject
GetModuleHandleA
Sleep
GetConsoleTitleA
FindClose
GetCurrentDirectoryA
ExitProcess
GetCommandLineW
CloseHandle
CreatePipe
ResetEvent
GetStdHandle
WaitForMultipleObjects
DeleteFileA
SetLastError
OpenProcess

user32

GetDC
GetWindowLongA
PeekMessageA
DispatchMessageW
MessageBoxA
GetDC
CallWindowProcW
GetSysColor
DispatchMessageW
FindWindowW
GetClassInfoA
GetDC
FillRect

ureg

??1REGISTRY@@UAE@XZ
??1REGISTRY@@UAE@XZ
??1REGISTRY@@UAE@XZ
??1REGISTRY@@UAE@XZ

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 745KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ