59a6fac8123d972276533832b47ca0700e680d1570c2e09b8ef20f9569c8c318 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59a6fac8123d972276533832b47ca0700e680d1570c2e09b8ef20f9569c8c318
Size

1.5MB
MD5

9cdd23f823b48169b8ea69723edf76fa
SHA1

25d8059a8920e28d987984083a1271845ad2c9f5
SHA256

59a6fac8123d972276533832b47ca0700e680d1570c2e09b8ef20f9569c8c318
SHA512

4e9b0bd79679961f10bbc3c51631b7a82d4b5444604e6fc1e3cc3f2a9da00f6deff80ad8dc20b8ade4e0402c9178879fe67c0ec024eb7a3d05fee427eaaa8991
SSDEEP

24576:KSZfkIMFHLYD1eAcFbay2oW/exLRVMpcKcmhH1d1H38l0qtVPGpMC3Eh8EkV:EsBeAiD7WGVMdcO1X8lfPj6V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59a6fac8123d972276533832b47ca0700e680d1570c2e09b8ef20f9569c8c318

Files

59a6fac8123d972276533832b47ca0700e680d1570c2e09b8ef20f9569c8c318
.exe windows x86

a97d3b9ef4031088d5701c356af68ab0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

htons

kernel32

SetFilePointer

user32

ScreenToClient

gdi32

GetViewportExtEx

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ord17

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 492KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ