Static task
static1
Behavioral task
behavioral1
Sample
29703ddaee1549d014ffdf27d60b6a67.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
29703ddaee1549d014ffdf27d60b6a67.exe
Resource
win10v2004-20231215-en
General
-
Target
29703ddaee1549d014ffdf27d60b6a67
-
Size
11KB
-
MD5
29703ddaee1549d014ffdf27d60b6a67
-
SHA1
c8134a18005d8fa198207abf68c73914a6ae449d
-
SHA256
c258af2b53c4d760e1803d361fd4f42a82896db2bc10a5aa0acd0267fbabf82d
-
SHA512
a3cc6f5c9d9429244e0b70082b2dc3bb9452b7ed06200e345be063eaf31152578747ec738a6f4f3c48546ac874b898499fa793b2d26785282bb847af3b6bd3ce
-
SSDEEP
96:nPvmyLOhb3cwHoUxrtb8ft9D92gJKKOtJyg4DMU+jLTNpOtJyg4D650w6UGT:ntOhb3cOFtYF9D9yvKDqhEKD6+9
Malware Config
Signatures
-
Unsigned PE 1 IoCs
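Static check for a missing Authenticode signature: the PE file listed below is not signed. On its own this is a weak indicator, since many legitimate programs are also unsigned.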
resource 29703ddaee1549d014ffdf27d60b6a67
Files
-
29703ddaee1549d014ffdf27d60b6a67.exe windows:1 windows x86 arch:x86
0d13896bd90a532994013e72bd1f8ec0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
FindResourceA
ExitProcess
ReadFile
CreateFileA
GetModuleFileNameA
GetSystemDirectoryA
LoadResource
SetEvent
CloseHandle
GetFileSize
SetFilePointer
SizeofResource
Sleep
WriteFile
lstrcatA
lstrlenA
OpenEventA
advapi32
RegSetValueExA
RegCreateKeyExA
RegCloseKey
user32
wsprintfA
shell32
ShellExecuteA
Sections
CODE Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 53KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ