729ea29849b6cfc679253a330c3346ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

729ea29849b6cfc679253a330c3346ac
Size

28KB
MD5

729ea29849b6cfc679253a330c3346ac
SHA1

9ee37cae7e38512615315d67e968bedcc85f6c38
SHA256

9637505159c2f1b7fa73f4df2acdb6ee88f5b55f9b596a548f80c5fa5ac54a10
SHA512

3665180d0e70ff78fa62f6c02a9f058ebbbb9998e9394c79ceef24ce33573848c0cc58312e0b79ccd130b782e54c60d3b9dca9bf6306cf75bfc1ab378e44df41
SSDEEP

192:Bob8KVzYkX211qS73gt/KrQXWGuPJb2mZBdZDB/gOQ+SM/fr9lL1LyyxltLPG72i:BRSoTq4pB2mlv/5Vyyx7Luy6oHQrapw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
729ea29849b6cfc679253a330c3346ac

Files

729ea29849b6cfc679253a330c3346ac
.exe windows:4 windows x86 arch:x86

38b4548d1a2d941faef4a990da54ea8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
HeapCreate
HeapDestroy
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetModuleFileNameA
GetFileType
GetStringTypeA
GetStringTypeW
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW

user32

MessageBoxA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ