primo[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

primo.exe
Size

17.4MB
MD5

7b026f5ae4aa3a5ddd150178c8a42625
SHA1

2823ff3b2730c4790d6830454e8d2c685ba25ca4
SHA256

a312418fd4c2bc6734e540f8273afc3cceb735d5de8208d782fa6637576eef01
SHA512

13e0fabf44c8fcf45e0de34f4c9cc8a07af7e1270b81504d7bf7e1674eeaca48de64fe3c5420bcf5750d5fb3a3cc4b8da2cfcbdc75c69282a2dea8fdee5d32a4
SSDEEP

393216:0d196AAUJxsQ2EqcfKRBV7bmglq+xEKD7lguFkzsfYDjuowte:WfDJ2CKHVJPBga/YDX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
primo.exe

Files

primo.exe
.exe windows:6 windows x86 arch:x86

3cb339debbcef0f199fcf0a12bdc4eb9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect

user32

MessageBoxA

Sections

1DfCOeBn
Size: - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

FaK3tA7z
Size: - Virtual size: 61B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Pu2bwg9C
Size: - Virtual size: 13B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

aZdOeeiq
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

a0ScsODS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WiAfNVw3
Size: - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

f1bOIp2B
Size: - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

EOwwQ3de
Size: - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VKlBy44g
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vvRv7kGv
Size: - Virtual size: 13.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

L7UUwSCy
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TVCBLGWU
Size: 17.4MB - Virtual size: 17.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

NiDB8bJ1
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cb339debbcef0f199fcf0a12bdc4eb9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

1DfCOeBn Size: - Virtual size: 436KB

FaK3tA7z Size: - Virtual size: 61B

Pu2bwg9C Size: - Virtual size: 13B

aZdOeeiq Size: - Virtual size: 48KB

a0ScsODS Size: - Virtual size: 8KB

WiAfNVw3 Size: - Virtual size: 1B

f1bOIp2B Size: - Virtual size: 25B

EOwwQ3de Size: - Virtual size: 1B

VKlBy44g Size: 512B - Virtual size: 64B

vvRv7kGv Size: - Virtual size: 13.5MB

L7UUwSCy Size: 512B - Virtual size: 352B

TVCBLGWU Size: 17.4MB - Virtual size: 17.4MB

NiDB8bJ1 Size: 512B - Virtual size: 469B

1DfCOeBn
Size: - Virtual size: 436KB

FaK3tA7z
Size: - Virtual size: 61B

Pu2bwg9C
Size: - Virtual size: 13B

aZdOeeiq
Size: - Virtual size: 48KB

a0ScsODS
Size: - Virtual size: 8KB

WiAfNVw3
Size: - Virtual size: 1B

f1bOIp2B
Size: - Virtual size: 25B

EOwwQ3de
Size: - Virtual size: 1B

VKlBy44g
Size: 512B - Virtual size: 64B

vvRv7kGv
Size: - Virtual size: 13.5MB

L7UUwSCy
Size: 512B - Virtual size: 352B

TVCBLGWU
Size: 17.4MB - Virtual size: 17.4MB

NiDB8bJ1
Size: 512B - Virtual size: 469B