Static task
static1
Behavioral task
behavioral1
Sample
29ecc2f725672b5bcd9c9ca8247b5974.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
29ecc2f725672b5bcd9c9ca8247b5974.exe
Resource
win10v2004-20231222-en
General
Target
29ecc2f725672b5bcd9c9ca8247b5974
Size
132KB
MD5
29ecc2f725672b5bcd9c9ca8247b5974
SHA1
39cf12a2560b995d541ee74899127a1b9efed557
SHA256
86949fc74faa1d0e021c0c3b38de2065a10910cdbb85d97eadea7bc2b378f1c9
SHA512
62f2bb5503d0dd64b61cae2e495ac458eab0e3b024eb2e7cb9b434238e82fe74d4688b3efa1026fbb447db984922379eaa0b2bbde3ea2156ec8592dcb4ab0102
SSDEEP
3072:C58HvsQNkkUrXbMXTPCRLPqo615lGXMYnQj8Fvr+:C6vsGirCTK5PqzrHBir
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29ecc2f725672b5bcd9c9ca8247b5974
Files
29ecc2f725672b5bcd9c9ca8247b5974.exe windows:4 windows x86 arch:x86
c21722af495d2a89f7b585a51c7fbef8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
ExitProcess
GetStartupInfoA
GetLogicalDrives
SetMailslotInfo
LockFile
AddConsoleAliasW
GetStringTypeW
GetConsoleDisplayMode
GetNamedPipeHandleStateW
GetConsoleScreenBufferInfo
WriteProcessMemory
GenerateConsoleCtrlEvent
SetTermsrvAppInstallMode
WaitNamedPipeA
Module32Next
FindFirstFileExW
GetConsoleAliasExesA
UTUnRegister
FoldStringA
EnumDateFormatsExA
LockFile
CreateFileA
FillConsoleOutputCharacterW
SetCommTimeouts
DebugBreak
GetPrivateProfileSectionA
GetSystemPowerStatus
CloseConsoleHandle
ResetWriteWatch
LocalCompact
VirtualProtect
GetACP
SetCommTimeouts
GlobalGetAtomNameW
Sections
.data Size: 8KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.init Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.init Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ