lua50[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

lua50.exe
Size

20KB
MD5

b9bc6b8eda9140be351fa1a8ab57fa50
SHA1

83fe51e7cba222acddff0086579caed5cb053318
SHA256

240741e4ccc6ea404f088fbb772e61c132c417009660e4694358b58449ea7708
SHA512

081ef2668080ece62701ff9e95ef96e4b8e04553ed3d0cc0469faa030fa174910360d6ce710e04f8f344ae0c072e01a7d2e833cd9633277f853b1d05bac263ff
SSDEEP

96:vanD+Xgu/SVKB2ZJDUp9Pwue2d53XH/qu3ogP4oynA47SXny:MSx/D2rDUp9Pwue0HHp3HP4oynA47Si

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
lua50.exe

Files

lua50.exe
.exe windows:4 windows x86

726c043554f3e51a17d37d8fa10c7ce9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lua50

lua_concat
luaL_loadbuffer
lua_strlen
lua_settable
luaL_error
lua_pushnumber
lua_newtable
luaL_loadfile
lua_type
lua_sethook
lua_pushlstring
lua_rawget
lua_remove
lua_gettop
lua_pushstring
lua_gettable
lua_insert
lua_pcall
lua_pushfstring
lua_touserdata
lua_tostring
lua_settop
lua_open
lua_cpcall
lua_close
luaopen_base
luaopen_table
luaopen_io
luaopen_string
luaopen_math
luaopen_debug
lua_rawset
luaopen_loadlib

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
getenv
strstr
fflush
fgets
signal
fputs
fprintf
_iob

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ