_LibMain@12
Static task
static1
Behavioral task
behavioral1
Sample
2e38e42476884b6d870067230f9df285.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2e38e42476884b6d870067230f9df285.dll
Resource
win10v2004-20240319-en
General
Target: 2e38e42476884b6d870067230f9df285
Size: 7KB
MD5: 2e38e42476884b6d870067230f9df285
SHA1: 5a9480a8f42f5ef1b11c9c18e45ae01dc2e50d9a
SHA256: 732b0b4e38e615880b8213a127b3d934fab654e0396d482b30b39bb67dc9ebdf
SHA512: 37a6a9f1be76e0ecefc67656bd9ea616da59e391802da2d891dc0689524988fe8e5b92e1c77e73162293e46a847617d875723119781fe6aa6e326a1cad767675
SSDEEP: 48:66ay5YVO3EVkApc2wp8hH1NZn5EquglQ067YbPWobABbgL3q9J5S2hmc:b3EVkApcX4Hiv0hbPiq3qX5S2hV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2e38e42476884b6d870067230f9df285
Files
2e38e42476884b6d870067230f9df285.dll windows:1 windows x86 arch:x86
731b7e280add7ddd2d8bee2511c30cf5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
ExitProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
CloseHandle
GetSystemDirectoryA
OpenMutexA
RtlUnwind
WinExec
crtdll
_fdopen
_open_osfhandle
fclose
_cexit
malloc
printf
raise
setbuf
sprintf
srand
strcpy
Exports
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84B - Virtual size: 84B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.data Size: 176B - Virtual size: 176B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 712B - Virtual size: 712B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 160B - Virtual size: 160B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
.edata Size: 72B - Virtual size: 72B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ