1ab77e27e12e97527a43a2577d0d7e7d28035c1c58f1cb39fb3bbb1e2fb626c3[.]exe | Triage

Sharing

General

Target

1ab77e27e12e97527a43a2577d0d7e7d28035c1c58f1cb39fb3bbb1e2fb626c3.exe
Size

8KB
MD5

404f59e4bb7cc8d2cb9ec917e72c6810
SHA1

e8a248e0786d3261b42725c309c9b3efe3aa7605
SHA256

1ab77e27e12e97527a43a2577d0d7e7d28035c1c58f1cb39fb3bbb1e2fb626c3
SHA512

091d7d163d9e880fbad39c2b727cf4eae137effc02a362b816534cd9224a56de4c227cb6629f66a1f2acfcc1c642d897a3bd73f7a14d269f0baaffbc248fd0b5
SSDEEP

192:3nTJkoHf6AOxPxWJhzdjOG7HyvKMEVgHy:dv6Ak0JhzdjZyvEV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ab77e27e12e97527a43a2577d0d7e7d28035c1c58f1cb39fb3bbb1e2fb626c3.exe

Files

1ab77e27e12e97527a43a2577d0d7e7d28035c1c58f1cb39fb3bbb1e2fb626c3.exe
.dll windows:6 windows x86 arch:x86

99461e4588d7674b8755b1d97a09af06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

lua51

lua_pushboolean

advapi32

RegGetValueW

kernel32

GetCurrentProcess
InitializeSListHead
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent

vcruntime140

_except_handler4_common
__std_type_info_destroy_list
memset

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_cexit
_initialize_onexit_table
_execute_onexit_table

Exports

Exports

luaopen_darkmode

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ