292f3c537f0e14f0b1454e85ebe77330 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

292f3c537f0e14f0b1454e85ebe77330
Size

30KB
MD5

292f3c537f0e14f0b1454e85ebe77330
SHA1

dac22c453710895c4a674ff6e522b59d0d05a249
SHA256

cb8f7d832196417c8e2cd67b232ec6090c0d8f2a7fcbb8e4e97811a827792343
SHA512

b4e37e94d96bced21515da775e284049f42eae31500edd1fe98c66012f1772eeb4bc71b444e7a1f2b8592f4c1829c6a64c9247330471971c0355bec2581a8d55
SSDEEP

768:Ltggigogpypwmdid6cDK8QEwvmcousi5cGeXRHHWEJ:GPpwmd6gEYmji5BEJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
292f3c537f0e14f0b1454e85ebe77330

Files

292f3c537f0e14f0b1454e85ebe77330
.exe windows:4 windows x86 arch:x86

db253ebebb6da33b7abdb9a467a22388

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

kernel32

GetTempPathA
lstrlenA
CloseHandle
CreateFileA
DeleteFileA
ExitProcess
FindResourceA
FreeResource
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryA
LoadResource
LockResource
SizeofResource
Sleep
WriteFile
lstrcatA
lstrcpyA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 630B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ