5a29de7411e7bfb45fb1730c46e5fb30 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a29de7411e7bfb45fb1730c46e5fb30
Size

636KB
MD5

5a29de7411e7bfb45fb1730c46e5fb30
SHA1

80552359ca17b52ec87512b96be2e56db9c95c04
SHA256

9fe3f905509dd0e4ad8dabdf399d8d5ba849f2779af28ae30d5b2cd70484b284
SHA512

d5bdb166d34fb00c3edae986750d5b1db2e69651a1b951af73f67fb3452f60259e7804e328fc23bd75ef1c94b755395f21ee505ef995fa0aec14659fd6aa5a54
SSDEEP

12288:G/IdkKhXHRQD5Px6rtpsWvLBAOeKcsgsFq2Wr7T6MJP2oWRVAqc/n/qFlGW5:wQjRQDpQtO+BU7qmXtgRVAqc//05

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a29de7411e7bfb45fb1730c46e5fb30

Files

5a29de7411e7bfb45fb1730c46e5fb30
.exe windows:4 windows x86 arch:x86

15f7bab65c195863e0854adde93009e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenThreadToken
RegQueryInfoKeyW

msvcrt

_exit
__dllonexit
_purecall
_initterm

kernel32

CompareStringW
GetCommandLineA
VirtualAlloc
ExitProcess
QueryPerformanceCounter
IsDebuggerPresent
VirtualProtect
LocalAlloc
WriteConsoleW
GetCurrentThreadId
UnhandledExceptionFilter
GetModuleHandleA
TlsAlloc
GetEnvironmentVariableW
SleepEx
HeapAlloc
GetVersionExA
GlobalAlloc
FindFirstFileW
GetCurrentProcessId

gdi32

SelectPalette

user32

SetClipboardData
GetDlgItemTextW

Sections

.text
Size: 618KB - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 776KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 70B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ