0a529dd8875a5dfcc55407fc7faac1f18ec1e24669367b377d8c5c97c9d57536N[.]exe | Triage

Sharing

General

Target

0a529dd8875a5dfcc55407fc7faac1f18ec1e24669367b377d8c5c97c9d57536N.exe
Size

86KB
MD5

e52d608edc643b06af52c4dca53d6050
SHA1

29a6f564d191920f89c39aa074bf76b663999489
SHA256

0a529dd8875a5dfcc55407fc7faac1f18ec1e24669367b377d8c5c97c9d57536
SHA512

c90736d9880f238d101dd567c6d55e66c47f55d3502575a426183ed4251de75ca96bc86dc32eb9bc12003db8dcde08a4449b5dcbc5c7e052a2fc35cd3ebf2475
SSDEEP

1536:GEVe0t6Kdh3OeRBO1jnAOUHC3db/W9HWqU0A07a8IOoS:DVe021jnBqC3daw0yOo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a529dd8875a5dfcc55407fc7faac1f18ec1e24669367b377d8c5c97c9d57536N.exe

Files

0a529dd8875a5dfcc55407fc7faac1f18ec1e24669367b377d8c5c97c9d57536N.exe
.exe windows:5 windows x86 arch:x86

d6a1160f2df9c2cf0a349c8c3a80a8b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__winitenv
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
_XcptFilter
__set_app_type
_except_handler3
exit
_exit
_c_exit
vwprintf
_iob
fflush
wcslen
_controlfp
_cexit
wcschr
wprintf
iswprint
tolower
wcscpy
__p__fmode
printf

advapi32

RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA

kernel32

GetLastError

user32

MessageBoxW

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitializeEx

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupCopyOEMInfW

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE