29eaf298354882183bec9939d984da57 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29eaf298354882183bec9939d984da57
Size

276KB
MD5

29eaf298354882183bec9939d984da57
SHA1

9ef332af7d999a2f65c3d439821f34ac3ae8e993
SHA256

7dd9f2f571320efee2fc5cf651182848109cd210d7ea363877974cde9490d25b
SHA512

126706452e03aea1566eadc962193751cdd76c6fcbe09e5e5fc180ba20b6e7862aeefffb00a86e9193a6dbae92f416b784b5cf4b40e3a97d564e514531987629
SSDEEP

6144:q9JeSmW9V0HfOrLBZBRxm6Upt8QVVQsm:q3edUlZBmFt7HP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29eaf298354882183bec9939d984da57

Files

29eaf298354882183bec9939d984da57
.exe windows:4 windows x86 arch:x86

011ac4477b2b28972ca4e8840f8eec34

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateProcessA
CreateThread
DeleteFileA
EnterCriticalSection
ExitThread
FindClose
GetCurrentThread
GetEnvironmentVariableA
GetTickCount
GetWindowsDirectoryA
GlobalAlloc
GlobalUnlock
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
MulDiv
SetEvent
SetFilePointer
Sleep
WaitForSingleObject
WriteConsoleA
WriteFile
lstrcmpiA
lstrcpyA
lstrlenA

user32

AppendMenuW
DestroyMenu
DrawFocusRect
FindWindowW
GetActiveWindow
GetDlgCtrlID
GetSubMenu
InsertMenuW
LoadBitmapW
PeekMessageW
PtInRect
RegisterWindowMessageW
SendMessageTimeoutW
SetScrollInfo
SetWindowPlacement
SetWindowPos
TrackPopupMenu
TranslateMessage

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ