test2[.]test | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

test2.test
Size

345KB
MD5

424c43428a5f0ed069b97923d543a827
SHA1

e4fef00c4c64a7a27d21ff7f7e7149ccffdf6e2c
SHA256

f45b0c9564822dc1541c0a2e46b3e4675f9e2da5046edd2383b99e1f8b6ed757
SHA512

e9023054a9b869a16dfa17933b52e37d664d9e162deb9cd96c02c0f7aa4266308793652ea034222e49adc4aad24003b4f48e81a58c0abbc75dc01b4d88a1bd6f
SSDEEP

6144:mm8HFmf2Ee5apzeJ4DSY7Dh6LUr+nxQNBO0fS:GjEuuDC1o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

test2.test

resource
test2.test

Files

test2.test
.dll windows:4 windows x86 arch:x86

6edb7b49e7ce8702a069ef7ebf257bdc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualProtect
GetCurrentThread
lstrcmpA

version

VerInstallFileA
VerFindFileA

comdlg32

GetSaveFileNameA
CommDlgExtendedError

advapi32

LsaEnumerateAccountsWithUserRight
SystemFunction020

gdi32

GdiConvertBitmapV5
GetGlyphOutlineA
SetDIBits

gdiplus

GdipShearMatrix
GdiplusStartup
GdipMeasureCharacterRanges

oleacc

WindowFromAccessibleObject

msimg32

AlphaBlend

oledlg

OleUIUpdateLinksW

shell32

Shell_MergeMenus
SHChangeNotifyDeregister

winspool.drv

PrinterMessageBoxW
ExtDeviceMode
SetPortW
GetPrintProcessorDirectoryA

shlwapi

PathRemoveBackslashA
SHDeleteKeyW

comctl32

CreatePropertySheetPageW
GetEffectiveClientRect

imagehlp

SymGetSymFromAddr
SymGetModuleInfoW64

oleaut32

VarBoolFromUI8

ole32

CoRevokeMallocSpy
CoCopyProxy
DllGetClassObject

user32

BroadcastSystemMessageExW

Exports

Exports

GetClass

Sections

.text
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdatat
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6edb7b49e7ce8702a069ef7ebf257bdc

Headers

File Characteristics

Imports

kernel32

version

comdlg32

advapi32

gdi32

gdiplus

oleacc

msimg32

oledlg

shell32

winspool.drv

shlwapi

comctl32

imagehlp

oleaut32

ole32

user32

Exports

Exports

Sections

.text Size: 197KB - Virtual size: 196KB

.edata Size: 512B - Virtual size: 112B

.data Size: 24KB - Virtual size: 4KB

.data Size: 49KB - Virtual size: 48KB

.rdatat Size: 2KB - Virtual size: 1KB

.rsrc Size: 69KB - Virtual size: 68KB

.text
Size: 197KB - Virtual size: 196KB

.edata
Size: 512B - Virtual size: 112B

.data
Size: 24KB - Virtual size: 4KB

.data
Size: 49KB - Virtual size: 48KB

.rdatat
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 69KB - Virtual size: 68KB