a29776f2d5420397387887ea82cb6e00N[.]exe | Triage

Sharing

General

Target

a29776f2d5420397387887ea82cb6e00N.exe
Size

59KB
MD5

a29776f2d5420397387887ea82cb6e00
SHA1

0cf4b74ee539dcc793de5536091218c34d01083a
SHA256

64f3533db567a693b6ce9745f0562b5e5d67dcc26fb159156bd72a14e3df0ffe
SHA512

82911d83dde39a92841a425a4597ae78c48828e306b5d5e62d1a7dc3639cbdcf88c781fcc757c7b16c634a8710d8987da6094bc68e7d128390ca2a680f56c5cb
SSDEEP

1536:xAVpYPLsUDbXUzzqNANl9isgM5myeteYOH3p4Pel91:GVpYPx3S2K3ks3ff3p4091

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a29776f2d5420397387887ea82cb6e00N.exe

Files

a29776f2d5420397387887ea82cb6e00N.exe
.exe windows:5 windows x86 arch:x86

b892955ae494fe908bdf52e81e1dfa4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

VGSDHSJK
Size: - Virtual size: 160KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VGSDHSJK
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE