29dd0db15779ffb863345c54fd1709a7 | Triage

Sharing

General

Target

29dd0db15779ffb863345c54fd1709a7
Size

361KB
MD5

29dd0db15779ffb863345c54fd1709a7
SHA1

1128ffb1bf60cfdffd2f9a6e05d99fd6ee4c425c
SHA256

3a09e2b50c089eb7e0267749a325d8b5296033f8f31ce1a3f640e6da54a29992
SHA512

33cc592b89ad6f8c45bf9ba91d67f16d5b1111a01dea68287c9c11aad3825d438e85a73ee7a6f58e83523127de4a20c74607c2af35c96c2d86f1beb859ea56af
SSDEEP

6144:cbeDLwwWFCARMB/6PbAkqxSCHg+bEDHH1j/A5Wd81Fap8UvqALK5bFOt+F4gLX63:j4wWFCA6BBkqxSC3byjQWL8MqAKcIjiP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29dd0db15779ffb863345c54fd1709a7

Files

29dd0db15779ffb863345c54fd1709a7
.exe windows:4 windows x86 arch:x86

e86e3b534e937e39b0060a8c8921aad6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
lstrcatA
CloseHandle
CreateFileA
ExitProcess
GetModuleFileNameA
WriteFile
ReadFile
SetFilePointer

shell32

ShellExecuteA

Sections

.text
Size: 1024B - Virtual size: 790B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE