2bd24fb9a7fa55062f342c4c522387e38a5d553518e18f72c68027e7b2698570 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bd24fb9a7fa55062f342c4c522387e38a5d553518e18f72c68027e7b2698570
Size

45KB
MD5

5a7cddb664f77a58a180cb8c979990bc
SHA1

3646d6eb3d49e6cf9d2b370f0990fc6bfc294835
SHA256

2bd24fb9a7fa55062f342c4c522387e38a5d553518e18f72c68027e7b2698570
SHA512

ce37c63a1e2c9f1cfdbe9b54b8b410f293b8c0b4c630bc6de93140fcbaa821c4caf2c093dea764338f3196bf3574144c2ffc54b9ef28970eb3c1425b5168922e
SSDEEP

768:fZ0wucsXq78yONDR/kAHXINX8JRbl3I2VG8FetUxc8UmVCNu4TxWXz77DLj:x0wucsbb3YCRbWcFeKJUOpwxWn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bd24fb9a7fa55062f342c4c522387e38a5d553518e18f72c68027e7b2698570

Files

2bd24fb9a7fa55062f342c4c522387e38a5d553518e18f72c68027e7b2698570
.exe windows:4 windows x86 arch:x86

8e3b89212eb788b1b0c947bc3faeb0c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

dnsapi

DnsQuery_A

msvcrt

_iob

user32

wsprintfA

wininet

InternetGetConnectedState

ws2_32

recv

Sections

.MPRESS1
Size: 39KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE