559bab0f83f693f9578b831ff7e9e47f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

559bab0f83f693f9578b831ff7e9e47f
Size

18KB
MD5

559bab0f83f693f9578b831ff7e9e47f
SHA1

7fd5474ea7be791019993e285185ed1276d2d20a
SHA256

8742adfc32038ff5b9a443a14d0fe9f459c2eee2bf2ed9bd6a19641df104f1a4
SHA512

affade5693bfa6f9ede843094bd7f5653f73be3eb34409de91e9b66594e9b2ceb47d6efca839e01b3c33683acd7cb8bc7d583b71935c877c7b6ab55b45ecbf53
SSDEEP

192:ewmno5bAU7/ROOivO8jCy1L9ub8solnplfyH6gnG8idzsUmEYg/Z9jY95bI9WE5n:ejuR/8OijnG8lpFyagGBDDjsnZT5Nu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
559bab0f83f693f9578b831ff7e9e47f

Files

559bab0f83f693f9578b831ff7e9e47f
.exe windows:4 windows x86 arch:x86

6764baeb8d960aa00c9977cb9882bb94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DriveType
FreeIconList
OpenAs_RunDLL
SHFindFiles
SHFree
SHUnlockShared
PathResolve
SheConvertPathW

kernel32

ExitThread
CreateThread
FatalExit
ExitProcess
CreateThread

user32

GetMenuState
CharToOemW
GetClassWord
DestroyCursor
CreateIconIndirect
FindWindowW
GetUpdateRgn

Sections

.text
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE