59318a941d0a2f120ca1e1cd77d8835f | Triage

Sharing

General

Target

59318a941d0a2f120ca1e1cd77d8835f
Size

9KB
MD5

59318a941d0a2f120ca1e1cd77d8835f
SHA1

c9e4d382ce515d53aad3e39d58293f620073efeb
SHA256

352a30f85d286de2e614f555f758e7205adac21a3165644d37511d1c85402a23
SHA512

5670ca81aa87f136c41f4ea8829680f78f9ad48db06132937acfa405f2663596619da2bdf0edfbf437276dc83598a4686d5d197742bc61ab408858b86250d444
SSDEEP

192:Cf2ZmPQYrQXDOaVB4lAeSvIMhy0hjw6/Feto8I3:CUI25BIIy8USFeGd3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59318a941d0a2f120ca1e1cd77d8835f

Files

59318a941d0a2f120ca1e1cd77d8835f
.dll windows:4 windows x86 arch:x86

df2d11bc209f47311182911538fad00d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

FindWindowA
GetWindowThreadProcessId
wsprintfA

kernel32

ReadProcessMemory
GetStringTypeA
RtlUnwind
LCMapStringW
CloseHandle
CreateRemoteThread
CreateThread
GetCurrentProcess
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
OpenProcess
GetStringTypeW
RtlZeroMemory
Sleep
VirtualAllocEx
WriteProcessMemory
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte

wininet

InternetOpenA
InternetOpenUrlA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ