2e88c5cf617be299b69a13fc9ce84b0ac677a96f7f9a1aa0f65319cdb6f2694eN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e88c5cf617be299b69a13fc9ce84b0ac677a96f7f9a1aa0f65319cdb6f2694eN
Size

31KB
MD5

fa17369bc4d205858684e8ded5911b50
SHA1

82514365beb2d3946a58ee1b743a890eb7c1c426
SHA256

2e88c5cf617be299b69a13fc9ce84b0ac677a96f7f9a1aa0f65319cdb6f2694e
SHA512

02017d8cbc43106e09aad7e5be552d79ce92c05766bf6492d5ec8c4147f64e3ef6205349028f90507af8f585feed5253e9feb0297a6d2492004535b331fac29a
SSDEEP

768:7PuCWRuY1NN0+spEs9vEbC5/ywAJ8VFR:7bWR7152BEbuywASF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e88c5cf617be299b69a13fc9ce84b0ac677a96f7f9a1aa0f65319cdb6f2694eN

Files

2e88c5cf617be299b69a13fc9ce84b0ac677a96f7f9a1aa0f65319cdb6f2694eN
.exe windows:4 windows x86 arch:x86

b66f2358dd28c855cd1bcb856d84a6ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

ntdll

NtSetInformationThread

shell32

SHGetSpecialFolderPathA

Sections

CODE
Size: 24KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE