29dc3b03bf053cc9e23d253d4187010d

Sharing

Copy URL Twitter E-mail

General

Target

29dc3b03bf053cc9e23d253d4187010d
Size

127KB
MD5

29dc3b03bf053cc9e23d253d4187010d
SHA1

bb267329a173cab56184a7668ff918ee48744753
SHA256

dccb9abe0ae8e48a17fbc3a729446b30563a1998295dd44dce8b31be2bf6609f
SHA512

dc5d24669e9f007e42e4de695db71b741ffa0aecfb6664f79372cf402c0fe36165fe217c8e3ee46996e5b96fe289fcfc8a4df6c5cf2398b9ced54cb7530aa0d9
SSDEEP

3072:ZcOmW0bMb4YOL2XN7W86HFVfIJg89VwggsRj617N+g392U:bmW0c4YOKXNIugggtQIEU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29dc3b03bf053cc9e23d253d4187010d

Files

29dc3b03bf053cc9e23d253d4187010d
.exe windows:5 windows x86 arch:x86

678c8c4d6fb13fb155d26984ece7e0d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

wcsrchr
_wcsicmp

shell32

ord196
SHGetPathFromIDListW

shlwapi

StrNCatW
StrChrW

kernel32

BackupSeek
GetExitCodeProcess
GetBinaryTypeW
OpenMutexA
GlobalFindAtomW
LoadLibraryExA
UpdateResourceW
GetFileAttributesExW
CloseHandle
DeleteAtom
lstrcpyA
WaitForSingleObject
GetModuleHandleExW

user32

MapVirtualKeyExA
GetCapture
WinHelpA
CharUpperA
PeekMessageW
InvalidateRgn
KillTimer
GetNextDlgGroupItem
SetScrollPos
ChangeClipboardChain
CheckDlgButton
GrayStringW
OemToCharBuffW
LoadStringW
GetScrollPos
GetMenuState

gdi32

GetMiterLimit
CreateDCA
GetCharWidthA
DeleteColorSpace
EndPath
CreateRectRgn
PlgBlt
GetObjectA
GetArcDirection
PtInRegion

ole32

WriteClassStm
IsAccelerator
CoInitialize
CoDosDateTimeToFileTime
CoUninitialize

Exports

Exports

?BCxDtsfdghafjdgasHJFGd@@YGKK@Z
?BdvHGdhsKYidystiyfge@@YGKKK@Z
?NBDbcdFTDYswdtwfdtd@@YGKKKK@Z

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.info
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 554B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

678c8c4d6fb13fb155d26984ece7e0d8

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

shell32

shlwapi

kernel32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 476B

.newdata Size: 512B - Virtual size: 512B

.info Size: 512B - Virtual size: 176B

.rsrc Size: 119KB - Virtual size: 119KB

.reloc Size: 1024B - Virtual size: 554B

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 476B

.newdata
Size: 512B - Virtual size: 512B

.info
Size: 512B - Virtual size: 176B

.rsrc
Size: 119KB - Virtual size: 119KB

.reloc
Size: 1024B - Virtual size: 554B