59048850afb594c657d732a4e0b39471 | Triage

Sharing

General

Target

59048850afb594c657d732a4e0b39471
Size

55KB
MD5

59048850afb594c657d732a4e0b39471
SHA1

84710fbc564f6db75ca86d5646ac437b1f714f45
SHA256

e266f576625221648379d9a1d512d19bfce7379b7e2ae0192e3ea2e69de14b0d
SHA512

ac84f9b235d1f4a7c8089479067906c9267aba74ac14dbf8eb4779a2caf408c51041fa14210ab2955ca42f156f44439b91801363f50a5433a07d0c8fec4d1fad
SSDEEP

1536:3NQyUmnyAxXJkjjr2QULyLlIkECBkQ6NVAaXZMR:3NQRmnkr21GLlIkECBkQ6NVAaXY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

59048850afb594c657d732a4e0b39471

Files

59048850afb594c657d732a4e0b39471
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

083cf405
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ