29c94bf7bb922af53cff6c0b671dd6fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29c94bf7bb922af53cff6c0b671dd6fc
Size

21KB
MD5

29c94bf7bb922af53cff6c0b671dd6fc
SHA1

3c596d91a1abd084a1f13341827c055447559480
SHA256

713b09f304470e64a1996a979322cebfbb62f7069873da4c5b47244f4837e4e8
SHA512

626b579c6bfc9d19e3884c821b910a47100bbb041697ba66afbd3d023796bb73103c483ac6f9702d0300046f6e62c4d9931c07c6721220c9219606d5a9723b0c
SSDEEP

384:hqn0XbDPUddWrQ9/aCXLZg9X21E153mOnEveV22IGj8Bj20+tlVRRGQ2e71:hJLDPyf1xE9EvmIVx2HtbLGly

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29c94bf7bb922af53cff6c0b671dd6fc

Files

29c94bf7bb922af53cff6c0b671dd6fc
.exe windows:4 windows x86 arch:x86

1b357ec454a744acea2223807a5ef1ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
LCMapStringW
GetOEMCP
LCMapStringA
lstrcpynA
CreateFileA
SetFilePointer
TerminateProcess
WriteFile
GetCurrentProcess
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetCommandLineA
lstrcpyA
GetStdHandle
lstrcpynW
GetStringTypeW
GetACP
GetStringTypeA
lstrcatA
SetHandleCount

user32

DialogBoxParamW
LoadCursorA
IsWindow
DrawIcon
DrawIconEx
GetWindowTextLengthA
GetCursor
GetMenu
EndDialog
CopyIcon
GetDC
GetFocus
DialogBoxParamA
GetDlgItem
IsMenu
InsertMenuA
GetWindowTextA
DrawTextA
CopyImage
LoadMenuA
CreateIcon

comctl32

ImageList_Destroy
ImageList_GetIcon
ImageList_Copy
CreateStatusWindow
DllGetVersion
MenuHelp
ImageList_Create
CreateUpDownControl
CreateToolbarEx
ImageList_Draw
ImageList_AddIcon
CreateMappedBitmap
InitCommonControls

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ