2f8d152bafeb5cb3ca444656f3efa4985b66b683d1eaa398c2f01b48944a3aff | Triage

Sharing

General

Target

2f8d152bafeb5cb3ca444656f3efa4985b66b683d1eaa398c2f01b48944a3aff
Size

20KB
MD5

fb1d6e4c1da08a27a1a8a9c43b17ae37
SHA1

0a39ed20694d14460d44a7e9d31603ef281ffeb4
SHA256

2f8d152bafeb5cb3ca444656f3efa4985b66b683d1eaa398c2f01b48944a3aff
SHA512

06f06bd97f47eebcb14cfd1fb6f1bdb1ed848d9097cfaf0169efa6d9773ef225b503c627515c5d9056fa6dc709d3fac501916211c1f8a3cee80f5c4e36ce3f57
SSDEEP

24:eLoSmSceQyK8ESKYQfgksIFzFzFBM+gO:IlmSceQy/FKYIgkFFFs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f8d152bafeb5cb3ca444656f3efa4985b66b683d1eaa398c2f01b48944a3aff

Files

2f8d152bafeb5cb3ca444656f3efa4985b66b683d1eaa398c2f01b48944a3aff
.exe windows:4 windows x86 arch:x86

0b8f2ef7c88ccd16ebd71a4943f7178d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCommandLineW

loadperf

LoadPerfCounterTextStringsW

ucrtbase

__p___argc
__p___argv
_configure_narrow_argv
_get_initial_narrow_environment
_initialize_narrow_environment
_set_app_type
exit

Sections

.text
Size: 4KB - Virtual size: 272B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ