29e73097cd38f9b9deab928ac2f4e6da

General

Target

29e73097cd38f9b9deab928ac2f4e6da
Size

173KB
MD5

29e73097cd38f9b9deab928ac2f4e6da
SHA1

fc05f8895a3f44b47606953fecbda2596e3ecbcd
SHA256

e051095dc0093b3fefda9278f887db296bae7b7d72818fa35a6cc2b3db3d4499
SHA512

c739fbc7e927317fc992a66e83d49bb6abc8230b33a93fdec5c9a673a693d23b2b46a6589aa822a94b20d950a5549faa241f8ab68434b93c0ccda1f91d936f25
SSDEEP

3072:YiGwkDqKn4koWH/2dzs/AmBBBnJyDgVjQdZGcpTNk5QCTOV/uZOR:YiGwkfnroS/GsFisj25IyuA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e73097cd38f9b9deab928ac2f4e6da

Files

29e73097cd38f9b9deab928ac2f4e6da
.exe windows:4 windows x86 arch:x86

7e404c8efc887f4cfd56e1bc735a54d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

shell32

SHGetSpecialFolderPathA

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegDeleteValueA
RegSetValueExA

ole32

StgCreateDocfile
StgOpenStorage

user32

wsprintfA
wsprintfW

kernel32

MultiByteToWideChar
LoadLibraryA
GetShortPathNameW
LocalFree
SetUnhandledExceptionFilter
DeleteCriticalSection
GetThreadLocale
GetProcAddress
QueryPerformanceCounter
GetProcessTimes
CreateFileA
FreeLibrary
GetCurrentThreadId
CloseHandle
ExitProcess
WideCharToMultiByte
GetModuleHandleA
EnumResourceTypesA
InterlockedDecrement
GetACP
LeaveCriticalSection
GetTickCount
InitializeCriticalSection
EnterCriticalSection
GetCurrentProcessId
GetLocaleInfoA
InterlockedExchange
IsBadReadPtr
InterlockedIncrement
GetFileAttributesA
IsBadWritePtr
lstrlenW
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
GetLastError
lstrlenA
GetVersionExA

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e404c8efc887f4cfd56e1bc735a54d9

Headers

File Characteristics

Imports

setupapi

shell32

advapi32

ole32

user32

kernel32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 67KB - Virtual size: 66KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 67KB - Virtual size: 66KB

.edata
Size: 1024B - Virtual size: 96KB