29ab187faed215212d663fb8c4d72551 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29ab187faed215212d663fb8c4d72551
Size

4KB
MD5

29ab187faed215212d663fb8c4d72551
SHA1

9000857c3d1b2b102710fd166d87180e945da2dd
SHA256

35ea7aaa5153086cd5cee979a0077cfeee9109befccb657a73522b12876fd033
SHA512

b4591abef922ad4d36055978bb255b3412fa5807e2bc3b060f8a98b0531ba07320db7078dc22e9d317e9828d56ee9febd6b0a0871d0b42b22396e5cc890d1a59
SSDEEP

48:6g4eESEM4uwySProhi3AnD8yNdPNidsDMJ:DmMIDojD8yNHesDc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29ab187faed215212d663fb8c4d72551

Files

29ab187faed215212d663fb8c4d72551
.exe windows:1 windows x86 arch:x86

ca8d6f88549edaf45bdba341ea71d238

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

urlmon

URLDownloadToCacheFileA

kernel32

GetCommandLineA
GetLastError
GetModuleFileNameA
GetModuleHandleA
CloseHandle
CreateEventA
RtlUnwind
RtlZeroMemory
CreateProcessA

crtdll

__GetMainArgs
exit
raise
signal
strchr

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 456B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 748B - Virtual size: 748B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE