2bf8bd520a2666779050d9ce76c060ac3d59dd96d3e65940f74a4d5f1376a1ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bf8bd520a2666779050d9ce76c060ac3d59dd96d3e65940f74a4d5f1376a1ee
Size

59KB
MD5

05fdef58b3828ca350fc36fa35930c9e
SHA1

622b3fb7972bb3ff98041ebabccbcada082c6e39
SHA256

2bf8bd520a2666779050d9ce76c060ac3d59dd96d3e65940f74a4d5f1376a1ee
SHA512

63dad25c2ac569f83c7eb7d96d80111bac9971a18c04def46dbf8fd6b1de1543de3920eb5f1d3be8881edeb8a3e9375eb7ab91bff372d4b7e564a11149076533
SSDEEP

1536:w0U6PG0PGjhvWlhe+eztEJeGKc3r+hGjPSrJfD/:jPxPCv6wxEVryGjuD/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bf8bd520a2666779050d9ce76c060ac3d59dd96d3e65940f74a4d5f1376a1ee

Files

2bf8bd520a2666779050d9ce76c060ac3d59dd96d3e65940f74a4d5f1376a1ee
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Sections

.text
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ