5959b2db215589f5eff3561d7333ee81 | Triage

Sharing

General

Target

5959b2db215589f5eff3561d7333ee81
Size

46KB
MD5

5959b2db215589f5eff3561d7333ee81
SHA1

39a47ef411234848b2d4b8874e1a38ad36ea127f
SHA256

210cb0250b11d3918317bc21eb89a632b5ae74d569127c651c5f98bf3891cef2
SHA512

e559775bc0075dc3b7532228f0170212abc578ed0a2cd2b453936f77ce9ee0e28fa12f843f4f335b131f20351bcbabc96f5b8ce05579cde564b617edf553223a
SSDEEP

768:z/kKkXoFJbFXNOt1N5w0VtABYB2IhnMVQNUKvQxXwxLsqYGOo0MKE4Zl/nTyVRUF:zCXoFXI/Zt+YB9+aWKvQxXwXYGOoU9xB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5959b2db215589f5eff3561d7333ee81

Files

5959b2db215589f5eff3561d7333ee81
.exe windows:5 windows x86 arch:x86

5c7953eb0bdf27c9dd916c24d3851b54

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
CryptGetHashParam
CryptCreateHash
DuplicateTokenEx
RegQueryValueExA
RegDeleteValueA
CryptReleaseContext

shlwapi

PathRemoveFileSpecW
wvnsprintfW
StrCmpNIA
PathFileExistsW
StrCmpNIW
PathCombineW
SHDeleteKeyA
wnsprintfW
PathMatchSpecW
wvnsprintfA
StrStrW
PathFindFileNameW
wnsprintfA

Sections

.svyp
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ilmzqh
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dmfkj
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ