596707fa3b619b56b1c0dd6b86039ead | Triage

Sharing

Copy URL Twitter E-mail

General

Target

596707fa3b619b56b1c0dd6b86039ead
Size

815KB
MD5

596707fa3b619b56b1c0dd6b86039ead
SHA1

cce706b836e49703290c334c4bff626f9b3aa748
SHA256

7f3d06e338d4439a82b1ed4125172ca211a8bc9f9a80beda225d8bc0087bcfea
SHA512

e2ec608de14bf6cc09a30adaa9651fe6f9b2e3592831f1067a015bf1cf4a23457e1bd1b908361f9e2a41b8372a37862d079ab5033801682dba4448954e4864b2
SSDEEP

12288:/oTl24h33t5APgIaKVHr/RQGckj/ngN9ra5yO3zFvMlGUb0CvkROswmI2H48UOBr:/Ul24H5jIH9QW4NlezFvMlGUbEOPmsc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
596707fa3b619b56b1c0dd6b86039ead

Files

596707fa3b619b56b1c0dd6b86039ead
.exe windows:4 windows x86 arch:x86

53127323eaa0125fa2e3d100ca487c5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
HeapCreate
CloseHandle
TlsGetValue
CreateFileA
GetConsoleCP
IsDebuggerPresent
CreateEventA
IsBadReadPtr
FindClose
GetLastError
LocalFree
FreeEnvironmentStringsA
GetFullPathNameA
GetStdHandle
LoadLibraryExA
GlobalLock
LocalUnlock
GetModuleHandleA
GetACP

user32

CreateDialogParamA
GetDC
EndDialog
GetDlgItem
PostMessageA
DefWindowProcA
SetFocus
EmptyClipboard
DispatchMessageA
GetMessageA
IsWindow
GetIconInfo
ScrollWindow
DrawIconEx

msasn1

ASN1BEREncLength
ASN1BERDecBool
ASN1BEREncFlush
ASN1BERDecEoid
ASN1BERDecCheck

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ