59989a38fb99835411e66d9546004e45 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59989a38fb99835411e66d9546004e45
Size

63KB
MD5

59989a38fb99835411e66d9546004e45
SHA1

4ea0748398bd0ebe8945f317ee62a400eaf4dde2
SHA256

1189ef7f54f0e3dcd4daf00f466b37a510ea98a8493a47f9d30678ceb2b73617
SHA512

22755263b7100831b4ae3bdacda0e121a83e2e6aa7cc4bbc8e6f321fe6b0eb9992a744373b76f5defcfd9eeb7e2b08d221b27b95fd1d3e9c8f13f72c7f38ad3c
SSDEEP

1536:GyMeOPN7nbez3ozPqX6lW0AetbSPAJUq564Y2uZjPEr4:Gp1mz4zSlkbSIJUx4Y2uZjI4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59989a38fb99835411e66d9546004e45

Files

59989a38fb99835411e66d9546004e45
.exe windows:4 windows x86 arch:x86

6e1f282449492d5fc7a87e6f1c3ced5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualFree
VirtualProtect
GetModuleFileNameA
VirtualAlloc

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 42KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 496B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ