59525a4f95bbb4c3c11ff1a698db12e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59525a4f95bbb4c3c11ff1a698db12e4
Size

2.9MB
MD5

59525a4f95bbb4c3c11ff1a698db12e4
SHA1

96a41d518b45bc9c3d3e2a405653814e060263fe
SHA256

3f25660dca7a661b855f615500c8ddb9c78d41d292b4287b0d40d072a2b9a08b
SHA512

bd918c1a9ad8d9b70cfdf2478bd67cc970eae673f6b5b5fe3f14858763ae180971fc6c5a8d711493262569e1226aa0a49785fa67d05835e4a336dc0088a01e68
SSDEEP

49152:HmdljNU3c/2xo9d8MbTd2dyDID4nw3Vx3PPGEg7zS2LO:HmzjNUe2ivxTd2yDID4e3nKW2LO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59525a4f95bbb4c3c11ff1a698db12e4

Files

59525a4f95bbb4c3c11ff1a698db12e4
.exe windows:4 windows x86 arch:x86

f8711bae9c574c2fbc062d43731fe05e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFileEx
WriteFileEx
VirtualAllocEx
CreateTimerQueueTimer
DeleteTimerQueueEx
GetTimeFormatA

user32

ShowWindow
IsCharUpperA

authz

AuthzInitializeContextFromAuthzContext

Sections

.text
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 439KB - Virtual size: 438KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 98KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ