29b2f54e7b785be84393500f3d4127bc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29b2f54e7b785be84393500f3d4127bc
Size

49KB
MD5

29b2f54e7b785be84393500f3d4127bc
SHA1

b8630bb8dd71e496f438f1a4a380feb6d96546a9
SHA256

6169dcedbc98a53648ed80f83e99125e175d39d387efb91dd40405636fde3107
SHA512

c32c28aa922611514d91fe7743090306ff97737b1b4405fdb1f0eefbcbe140355348580ae0bfacf461cad35041f3ebbde0ac47b335ffe1beb627cd0496f9d1af
SSDEEP

768:0GJRYo7/07E5jJIksgmnCtLzdrU1n7wai13LNk1wKZr0ttGhlU3:aw/07IsXAXd87waiBRk14clU3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29b2f54e7b785be84393500f3d4127bc

Files

29b2f54e7b785be84393500f3d4127bc
.exe windows:4 windows x86 arch:x86

8ff31ce9dfae77c0cf5ffcb552596122

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
lstrcatA
GetSystemDirectoryA
Module32Next
Module32First
Process32Next
Process32First
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetProcAddress
LoadLibraryA
GetFileSize
LocalAlloc
LocalFree
CreateProcessA
GetCurrentProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
lstrcmpA
ExitProcess
lstrlenA
CreateToolhelp32Snapshot
lstrcpyA
UnhandledExceptionFilter
TerminateProcess
RtlUnwind

user32

MessageBoxA

advapi32

RegCloseKey
RegOpenKeyExA
GetUserNameA
RegQueryValueExA

shlwapi

PathFindFileNameA

Sections

.f0Gx
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ