29249bec4214b89dd85d279b51eb6f58 | Triage

Sharing

General

Target

29249bec4214b89dd85d279b51eb6f58
Size

637KB
MD5

29249bec4214b89dd85d279b51eb6f58
SHA1

27f19515d3294cc0f65410eafd0b2986333d2e31
SHA256

dcc75ae34a3c11e6526501d6c27b780fe2d0c6ae5990dbca43610bdc6d408017
SHA512

167a748141fa1a7fe0ba27898d8d078e4249c107f7ea4e9a6964ba9ea7ee45507f4b325d7feed74f4159f1ea303a72dd62e5727d8241c811b195f9581cf91395
SSDEEP

12288:b/yWFNcU2j2IK66uxQf0XCFo20551DfE2RRU/pGV44Vg69MwbO+kPzd1lHYi0myF:vFNcrj2INQf0XCypfE2fUkg6vbKd3Y+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29249bec4214b89dd85d279b51eb6f58

Files

29249bec4214b89dd85d279b51eb6f58
.exe windows:4 windows x86 arch:x86

924c3e83f6e1159f7d85f4020b3ad7d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCP
GetCommandLineA
SuspendThread
GetVersion
lstrlenA
CloseHandle
GetStdHandle
HeapReAlloc
GetSystemDefaultLangID
GetAtomNameA
WaitForMultipleObjects
GetConsoleCP
GetTickCount
HeapCreate
GlobalUnlock
CompareFileTime
GetModuleHandleA
InterlockedExchange
LoadLibraryExA
WaitForSingleObject
VirtualProtect

user32

InvertRect
FindWindowA
SetWindowPos
GetDlgItem
SetPropA
GetKeyboardLayout
FillRect
CreateMenu
EnableScrollBar
IsDialogMessage
DestroyMenu
DispatchMessageA
DialogBoxParamA
SetScrollInfo
InsertMenuA
DrawCaption
CreateIcon
DragObject
CopyImage
GetCursorInfo
GetKeyState

advapi32

RegCloseKey
RegEnumValueA
RegCreateKeyExA
RegEnumKeyA
RegQueryInfoKeyA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ