2cf185c2d90ffcc242a9e3aed0d5ed61610ef5635ebd309e5024f620dac8e4ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cf185c2d90ffcc242a9e3aed0d5ed61610ef5635ebd309e5024f620dac8e4ea
Size

2KB
MD5

41b3e7eb384e6116598479741cb4cb95
SHA1

c8125501075d46b7fe1797ef7560505a607f2194
SHA256

2cf185c2d90ffcc242a9e3aed0d5ed61610ef5635ebd309e5024f620dac8e4ea
SHA512

43ff368500f929c5e15c5c89e0f5187c9dc6f2da7345e4bea0f4b68b0e1efaa9d1f1cae13ca039bcaa98ca381c807607067e87a35048ada034aee05bf5be9223

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cf185c2d90ffcc242a9e3aed0d5ed61610ef5635ebd309e5024f620dac8e4ea

Files

2cf185c2d90ffcc242a9e3aed0d5ed61610ef5635ebd309e5024f620dac8e4ea
.dll windows:0 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\bios\lenovo\purley\s0xkt51a_1229_lem\Build\NeonCity\RELEASE_VS2015\IA32\LenovoModulePkg\Ppi\LemPostFlagPpi\LemPostFlagPpi\DEBUG\LemPostFlagPpi.pdb

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 480B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 32B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ