58d29a020139cc01e6ea23326d0f5cc3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

58d29a020139cc01e6ea23326d0f5cc3
Size

25KB
MD5

58d29a020139cc01e6ea23326d0f5cc3
SHA1

b7ecfc83ed672e4b1692d99b3fef0a8d97a79dc4
SHA256

cfb2f9bb8ee7068ff3d262c75b1b547877482c91eb2d324fb68a5d3d5c76ed42
SHA512

0b331bfd21a7558ff5c89fae44e1c6704b1483c764ea5061bf8afb6a6cae84bc6e39e8772b2f89d86ee621ae55049a39eab8dfe7c0094fd0d145d28532f0cd26
SSDEEP

384:HZ6puWu91vyda3gPiVyInYjeTPA7c5DdF1U73KZ+OpUwz7E4wA0oPYSXXlNkaN+2:HZEsi29Ya6CdF1q3+p3PEm0aXlHRqbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58d29a020139cc01e6ea23326d0f5cc3

Files

58d29a020139cc01e6ea23326d0f5cc3
.exe windows:1 windows x86 arch:x86

e2c69898e19633e9830253504d1e2896

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ElfDeregisterEventSource
CryptGetKeyParam
FindFirstFreeAce
GetSecurityDescriptorDacl
GetTokenInformation

kernel32

ClearCommBreak
ConvertThreadToFiber
CreateEventA
CreateMutexA
DefineDosDeviceA

Sections

.text
Size: 17KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE