Static task: static1
Behavioral task: behavioral1
Sample: 29d370d8a5bb9546cdb64d356200737f.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 29d370d8a5bb9546cdb64d356200737f.exe
Resource: win10v2004-20231215-en
General
Target: 29d370d8a5bb9546cdb64d356200737f
Size: 150KB
MD5: 29d370d8a5bb9546cdb64d356200737f
SHA1: a0a6178d68eaf3fdb6dbed74922261c528ff76b4
SHA256: 79f62a60242d7e8021766f057d1ab26b4e2b4473af58a04444dadadef1151179
SHA512: 5ea36e29ec64c777ea160849febb5059a19f3bc3b59f7378f11074d8c3d97b3c0e49af52fb7e9fa046dba279c91b3de140012d8119c2d646aecdad6d9dc06db9
SSDEEP: 3072:mu45/0nVB4vpT29PvGYrrBsNmdCbRdopJcGDte1Xy:mb5/0nV0CP+YrNs84dO4Vy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29d370d8a5bb9546cdb64d356200737f
Files
29d370d8a5bb9546cdb64d356200737f.exe windows:4 windows x86 arch:x86
b8595db1c654d84bb5399e8de05eb5c9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersion
GetProcAddress
VirtualAlloc
LocalFree
LoadLibraryA
GetThreadLocale
GetFileType
GetSystemInfo
GetModuleHandleA
GetVersionExA
CloseHandle
LocalAlloc
GetLastError
user32
GetFocus
GetKeyState
DispatchMessageA
TranslateMessage
BeginPaint
EndPaint
GetMessageA
CharNextA
advapi32
RegOpenKeyA
RegOpenKeyW
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 678B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 133KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ