29e12a8d64ed88c06123afebc3193d68 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29e12a8d64ed88c06123afebc3193d68
Size

746KB
MD5

29e12a8d64ed88c06123afebc3193d68
SHA1

e703936993012d68d874f51f32362282e3835974
SHA256

45a90c95db22585001e48a6455239da12b01fe7191633f401996de920169a0a1
SHA512

5af90778e7272fb6309267995f16791ad85dcab12f59490cfbbbf6d9fed668f8afee5a32139800a9ed7065e5511b087fd608985816815f725d27f3c6ac3a870e
SSDEEP

12288:as8/PbvIApJf2ETSKu5xqnwiwOthesGRFwFQsuUlHXLtc3O6qUY/8nkDp:gLvdjIqJ2XwLhc3O688n6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e12a8d64ed88c06123afebc3193d68

Files

29e12a8d64ed88c06123afebc3193d68
.exe windows:5 windows x86 arch:x86

efe4fdfa24ad8b4dd1111515f1bfb254

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalSize
EnterCriticalSection
MapViewOfFile
GetFileAttributesA
ExitThread
ReadFile
FindVolumeClose
SetFileAttributesW
FindClose
GetCommandLineA
HeapCreate
CloseHandle
GetModuleHandleA
IsBadReadPtr
GetCurrentDirectoryW
GetDriveTypeA
HeapFree
GetFileTime
GetCommandLineW
GetEnvironmentVariableW
WaitForMultipleObjects
GlobalLock
lstrlenA
GetFileType
FindVolumeClose

uxtheme

IsThemeActive
GetWindowTheme
GetThemeTextExtent
GetThemeEnumValue
CloseThemeData
OpenThemeData
GetThemeTextMetrics
GetThemeColor
GetThemeBool
SetWindowTheme
CloseThemeData
DrawThemeEdge
DrawThemeBackground

dmocx

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE